---
title: Bun v1.1.44
description: "Fixes 43 bugs. > 90% of the 'dns' module tests from Node.js' test suite now pass in Bun. You can now build frontend applications on-demand in Bun.serve(). Adds xxHash support to Bun.hash(). Adds support for reading bun.lock using import. Adds --no-install flag to bunx. Improves console.warn output. Fixes bugs in Bun's S3 client, HTMLRewriter, and node:fs compatibility improvements, and more."
date: "2025-01-16T14:01:24.519Z"
author: ben
---

{% callout %}
We're hiring [systems engineers](/careers) in San Francisco to build the future of JavaScript!
{% /callout %}

This release fixes 43 bugs. You can now build frontend applications on-demand in Bun.serve(). Adds xxHash support to Bun.hash(). Adds support for reading bun.lock using import. Adds --no-install flag to bunx. Improves console.warn output. Fixes bugs in Bun's S3 client, HTMLRewriter, and node:fs compatibility improvements, and more.

#### To install Bun

{% codetabs %}

```sh#curl
$ curl -fsSL https://bun.sh/install | bash
```

```sh#npm
$ npm install -g bun
```

```sh#powershell
$ powershell -c "irm bun.sh/install.ps1|iex"
```

```sh#scoop
$ scoop install bun
```

```sh#brew
$ brew tap oven-sh/bun
$ brew install bun
```

```sh#docker
$ docker pull oven/bun
$ docker run --rm --init --ulimit memlock=-1:-1 oven/bun
```

{% /codetabs %}

#### To upgrade Bun

```sh
$ bun upgrade
```

## Fullstack Dev Server

With [HTML imports](https://bun.sh/docs/bundler/fullstack#html-imports-are-routes), you can now run your frontend and backend together in a single incredibly fast `Bun.serve()` HTTP server. This makes it simpler to build modern frontend applications integrated with your backend.

{% raw %}

<blockquote class="twitter-tweet"><p lang="en" dir="ltr">In the next version of Bun<br><br>Bun.serve() gets initial support for bundling frontend apps on-demand <a href="https://t.co/51XcNXt3vy">pic.twitter.com/51XcNXt3vy</a></p>&mdash; Jarred Sumner (@jarredsumner) <a href="https://twitter.com/jarredsumner/status/1879170961632907630?ref_src=twsrc%5Etfw">January 14, 2025</a></blockquote> <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>

{% /raw %}

### HTML imports

This release introduces support for importing HTML files in Bun behind the `--experimental-html` CLI flag. These HTML files are processed by [Bun's bundler](https://bun.sh/docs/bundler) together with [`Bun.serve()`](https://bun.sh/docs/api/http). You can use the `static` option to serve these HTML files as routes. `Bun.serve()` bundles the frontend application with zero configuration and adds bundled assets as static routes.

```ts
import mySinglePageApp from "./index.html";
import { s3 } from "bun";

Bun.serve({
  static: {
    // the "/" route goes to
    "/": mySinglePageApp,
    // ... more html imports go here
  },

  // Enable some logging & errors
  development: true,

  async fetch(req) {
    // ... api endpoints go here
    const path = getS3Path(req); // ...
    return Response.redirect(s3.file(path).presign());
  },
});
```

In [Bun v1.1.43](https://bun.sh/blog/bun-v1.1.43), we added support for [HTML entrypoints](https://bun.sh/docs/bundler/html) in [Bun's bundler](https://bun.sh/docs/bundler). This release builds on that to add initial support in `Bun.serve()` to serve HTML files as routes.

You can use HTML imports to build single-page React applications on-demand in a shared backend server.

{% codetabs %}

```ts#src/backend.ts
import dashboard from "./public/dashboard.html";
import { serve } from "bun";

serve({
  static: {
    "/": dashboard,
  },

  async fetch(req) {
    // ...api requests
    return new Response("hello world");
  },
});
```

```ts#src/frontend.tsx
import "./styles.css";
import { createRoot } from "react-dom/client";
import { App } from "./app.tsx";

document.addEventListener("DOMContentLoaded", () => {
  const root = createRoot(document.getElementById("root"));
  root.render(<App />);
});
```

```html#public/dashboard.html
<!DOCTYPE html>
<html>
  <head>
    <title>Dashboard</title>
  </head>
  <body>
    <div id="root"></div>
    <script type="module" src="../src/frontend.tsx"></script>
  </body>
</html>
```

```css#src/styles.css
body {
  background-color: red;
}
```

```tsx#src/app.tsx
export function App() {
  return <div>Hello World</div>;
}
```

{% /codetabs %}

This is still pretty early - there's no hot-module reloading support yet. But we'll get there.

## `bunx --no-install`

`bunx` now supports the `--no-install` flag, which will cause the command to only run if it has already been installed in the current path or the global prefix.

Thanks to [@DonIsaac](https://github.com/DonIsaac) for implementing this!

## Read `bun.lock` with `import`

You can now read the contents of [Bun's new text-based lockfile](bun-lock-text-lockfile) with an `import` statement.

```ts
import { lockfileVersion } from "./bun.lock";

console.log(lockfileVersion);
```

We've also added type definitions to `@types/bun` so that TypeScript understands how the lockfile is structured. And, since the new lockfile is a JSONC file, we also allow importing other `.jsonc` files as well.

Thanks to [@RiskyMH](https://github.com/RiskyMH) for implementing this!

## xxHash support in `Bun.hash`

The `Bun.hash` namespace now includes `Bun.hash.xxHash32`, `Bun.hash.xxHash64`, and `Bun.hash.xxHash3`, implementing the [xxHash](https://xxhash.com/) family of fast non-cryptographic hash functions. These are suitable for applications where data must be hashed very quickly and some hash collisions are acceptable, such as integrity checks of data you trust has not been tampered with maliciously, but they should not be used for cryptographic purposes such as hashing passwords or untrusted data.

```ts#xxhash.ts
// Print a hash of stdin
const data = await new Response(Bun.stdin).arrayBuffer();
const hash: BigInt = Bun.hash.xxHash3(data);
// Format as 16 hexadecimal digits with leading zeroes
console.log(hash.toString(16).padStart(16, "0"));
```

```sh
$ cat xxhash.ts | bun xxhash.ts
aeac788911bfd3bb
$ xxhsum -H3 xxhash.ts # -H3 selects the xxHash3 algorithm
XXH3_aeac788911bfd3bb  xxhash.ts
```

Thanks to [@versecafe](https://github.com/versecafe) for wiring up the Zig standard library functions to Bun!

## Node.js compatibility improvements

### `node:dns` > 90% Node.js tests passing

`node:dns` now passes > 90% of Node.js's own test suite.

Thanks to [@heimskr](https://github.com/heimskr) for making this happen!

### `node:fs` fixes

We've fixed several bugs and inconsistencies compared to Node.js in our `node:fs` implementation, improving compatibility with existing Node.js projects and packages. We also now run a large chunk of Node.js's own tests for the `fs` module on every commit. This works out to about +10% more of Node.js's test suite for `fs` passing in Bun.

Thanks to [@paperclover](https://github.com/paperclover) for implementing this!

### Fixed: attempt to assign to read-only property in Axios

A property in `node:http` was incorrectly marked as read-only, leading Axios to throw an error in certain cases. This release fixes that bug.

### Fixed: crash impacting `happy-dom` & `node:vm`

A regression in Bun v1.1.43 caused a crash when using `happy-dom` or `node:vm`. This release fixes this crash and adds a test to prevent it from happening again.

### Fixed: IPC with JSON serialization with Bun as the parent process

Previously, Bun would send incorrectly-formatted messages to child processes if IPC was used with `serialization` set to `"json"`. Now it always sends JSON messages in this case.

Thanks to [@nektro](https://github.com/nektro) for fixing this!

## Bugfixes

This release also includes a number of bugfixes.

### Fixed: `bun install --lockfile-only --silent` printing lockfile summary

Previously, running `bun install --lockfile-only --silent` would still print a summary of the packages saved in the lockfile, despite the `--silent` option. Now the `--silent` option is respected.

Thanks to [@DonIsaac](https://github.com/DonIsaac) for fixing this!

### Fixed: Regression with `expect.extend()`

A change to our JavaScriptCore bindings in Bun v1.1.43 caused `expect.extend()` to ignore properties on prototype objects, causing some test matcher libraries to not work properly. This release fixes this regression.

Thanks to [@pfgithub](https://github.com/pfgithub) for fixing this!

### Fixed: missing `x-amz-acl` header in S3 client

Bun's [S3 client](https://bun.sh/docs/api/s3) was missing the `x-amz-acl` header in certain cases.

Thanks to [@robertshuford](https://github.com/robertshuford) for fixing this!

### Fixed: `expect().toThrow()` now matches `expect().toThrow("")`

In Jest & Vitest, when you run `expect(a).toThrow("")`, it behaves the same as `expect(a).toThrow()`. In `bun:test`, it was throwing an error. We've changed this to match Jest & Vitest so that it's a little bit easier to migrate your tests.

Thanks to [@DonIsaac](https://github.com/DonIsaac) for fixing this!

### Fixed: error handling in `HTMLRewriter`

A crash has been fixed in Bun's `HTMLRewriter` API when a JavaScript exception was thrown. Now these errors are propagated correctly.

### Fixed: slicing S3 file with offset 0

Calling `slice()` on a file returned by Bun's S3 client would previously have no effect with an offset set to zero. Now the file is properly truncated via an HTTP range request.

Thanks to [@cirospaciari](https://github.com/cirospaciari) for fixing this!

### Fixed: Missing authorization with private npm packages

When parsing `.npmrc` config files, prior versions of Bun did not apply auth configuration to scoped registries if a default registry had the same hostname as the scoped registry. For instance, if you need to access private packages on `npmjs.org` you would set a token so that npm's servers know you are allowed to access those packages:

```text#.npmrc
//registry.npmjs.org/:_authToken=<AUTH_TOKEN>
```

Since `registry.npmjs.org` is one of the default registries, Bun would not send the authentication token and you would not have been able to download private packages. Now the configuration options are all applied correctly.

Thanks to [@robertshuford](https://github.com/robertshuford) for fixing this!

## More improvements

### console.warn is yellow

When you `console.warn` an `Error` object, the `name` property is now yellow instead of red. This tells you that it was a warning and not an error.

{% image src="https://github.com/user-attachments/assets/f7772323-b766-48ef-a004-8325c247e92a" /%}

Additionally, when the name property is `"Error"`, it prints `"warn"` instead of `"error"` to make it clearer that it's a warning and not an error.

### Consistent help message colorization

The `--help` messages for Bun's subcommands are now more consistent in their formatting and colorization.

Thanks to [@fel1x-developer](https://github.com/fel1x-developer) for fixing this!

### Help message for `bun exec --help`

A bug in command-line parsing was causing `bun exec --help` to reuse the help message from `bun run`. Now it correctly prints its own help message.

Thanks to [@RiskyMH](https://github.com/RiskyMH) for fixing this!

### Updated root certificates

Bun's built-in root certificates have been updated to NSS 3.107. These are the same certificates that shipped in Firefox 134.

Thanks to [@cirospaciari](https://github.com/cirospaciari) for implementing this!

### Improved `bundleDependencies` support in `bun publish` and `bun pm pack`

The `bundleDependencies` (or `bundledDependencies`) option in `package.json` allows a package to include the source code of its dependencies in the tarball published to the registry, instead of requiring the dependencies to be downloaded separately. Bun previously recognized the array form of this option in `bun pm pack` and `bun pm publish`, which allows specifying a list of dependencies to be bundled. But we hadn't supported setting this flag to `true`, which is shorthand for specifying that all dependencies should be bundled. Now we do support this. We've also added support for bundling [scoped packages](https://docs.npmjs.com/creating-and-publishing-scoped-public-packages) as dependencies.

Thanks to [@RiskyMH](https://github.com/RiskyMH) for implementing this!

## Thanks to 21 contributors!

- [@190n](https://github.com/190n)
- [@arnaudbarre](https://github.com/arnaudbarre)
- [@cainba](https://github.com/cainba)
- [@cirospaciari](https://github.com/cirospaciari)
- [@citkane](https://github.com/citkane)
- [@donisaac](https://github.com/donisaac)
- [@dtinth](https://github.com/dtinth)
- [@fel1x-developer](https://github.com/fel1x-developer)
- [@gobd](https://github.com/gobd)
- [@heimskr](https://github.com/heimskr)
- [@jarred-sumner](https://github.com/jarred-sumner)
- [@kjjd84](https://github.com/kjjd84)
- [@lcrespom](https://github.com/lcrespom)
- [@nektro](https://github.com/nektro)
- [@paperclover](https://github.com/paperclover)
- [@pfgithub](https://github.com/pfgithub)
- [@riskymh](https://github.com/riskymh)
- [@robertshuford](https://github.com/robertshuford)
- [@sroussey](https://github.com/sroussey)
- [@versecafe](https://github.com/versecafe)
- [@yooneskh](https://github.com/yooneskh)