One Anthropic Engineer Rewrites Bun In Rust In 11 Days With AI, Says Would’ve Taken 3 Engineers A Year Earlier

The gains in coding productivity using cutting-edge AI tools continue to generate some incredible results.

Jarred Sumner, the creator of the JavaScript runtime Bun, has published a detailed account of rewriting Bun’s entire codebase from Zig to Rust in 11 days, using Claude Code and a pre-release version of Claude Fable 5. Sumner estimates the same project would have taken three engineers with full context on the codebase roughly a year by hand, during which Bun’s bug fixes, security patches and new features would have effectively been frozen.

Bun was acquired by Anthropic in December 2025, and Sumner and the rest of the Bun team now work there. Bun itself began life as a port of esbuild’s transpiler from Go to Zig, written by Sumner alone in a year, and has since grown into a sprawling project that combines a JavaScript and TypeScript bundler, an npm-compatible package manager, a test runner, and reimplementations of dozens of Node.js APIs. That scope came at a cost: Sumner’s post opens with a long list of memory-safety bugs the team fixed in a single recent release, including several use-after-free and double-free crashes, along with memory leaks scattered across the codebase’s socket, crypto and TLS handling.

Zig, the language Bun was originally written in, gives programmers manual control over memory but no compiler-enforced guarantees against forgetting to free something or freeing it twice. Sumner writes that the team had already added Address Sanitizer support, fuzzing, and Windows safety checks to catch these issues, but the underlying pattern kept recurring. Rust’s borrow checker and its Drop trait, which automatically runs cleanup code when a value goes out of scope, turn most of that class of bug into compiler errors instead of runtime crashes. A style guide enforced through code review, Sumner argues, is a weaker line of defense than a compiler that refuses to build broken code.

How the rewrite actually worked

Sumner’s account is less about typing a single prompt and more about running dozens of structured, supervised loops. He describes roughly 50 “dynamic workflows” running continuously in Claude Code over 11 days, each handling one phase of the port: generating a porting guide that mapped Zig patterns to Rust equivalents, mechanically translating every .zig file to .rs, fixing compiler errors crate by crate, getting individual CLI subcommands working, and chasing down failing tests until the whole suite passed on every platform.

Before touching the bulk of the codebase, Sumner spent about three hours talking through the port with Claude to produce a document mapping Zig idioms to Rust ones, plus a lifetimes reference for how memory ownership should translate. He then tested the approach on three files before scaling up to all 1,448.

The workflow structure leaned heavily on what Sumner calls adversarial review — one Claude instance writes the code, while two separate instances, given only the diff and told to assume it’s broken, try to find reasons it fails. The reviewers don’t see the implementer’s reasoning, only the output, which Sumner compares to how human code review works best when the reviewer has no stake in getting the change merged. He shares several examples of real bugs adversarial review caught before merge, including a use-after-free in the process-spawning code that would have shipped had the reviewing instance not flagged that a Box was being dropped before an asynchronous callback needed it.

At peak, Sumner ran four workflow shards in parallel, each with 16 Claude instances working in a separate git worktree, for around 64 running at once. He mentions hitting practical snags along the way: instances stepping on each other by running git stash or git reset, IOPS limits on the EC2 instance that briefly froze disk I/O, and an early tendency for Claude to stub out functions with compilation errors rather than fix them, and to write long comments justifying workarounds instead of fixing the underlying code.

The numbers

The scale of the port, as described in the post, is substantial. Bun’s codebase runs to 535,496 lines of Zig, excluding comments, and the diff that eventually landed added just over one million lines. Sumner logs 6,502 commits over the 11 days, with a peak of 695 commits in a single hour, and says the pre-merge run consumed 5.9 billion uncached input tokens, 690 million output tokens and 72 billion cached input token reads, putting the API cost at around $165,000.

Getting there involved fixing around 16,000 compiler errors after Sumner split the Rust codebase into roughly 100 separate crates, and driving Bun’s test suite failures down from 972 files to 23 within two days of the first continuous integration run. The rewrite introduced 19 known regressions along the way, all since fixed, most of them from code that looked identical in both languages but behaved differently — a Rust macro that erases its arguments in release builds where the Zig equivalent does not, for instance, or a bounds check that Zig’s release configuration skipped but Rust’s does not.

Sumner reports concrete gains once the rewrite shipped: memory that used to leak roughly 3 MB per Bun.build() call now levels off around 600 MB regardless of how many builds run, binary size is down about 20% on Linux and Windows, and HTTP throughput benchmarks show roughly 3-5% improvements across several server frameworks. Claude Code itself has been running on the Rust port since mid-June, with Sumner citing a 10% drop in startup time on Linux.

The broader pattern

The Bun rewrite lands alongside a run of disclosures from Anthropic-adjacent engineers about how much of their own work is now delegated to Claude. Boris Cherny has said before that the bulk of Claude Code’s own codebase is written by Claude Code, and Anthropic’s dynamic workflows feature, which lets a single session spin up hundreds of parallel subagents on a large task, shipped as a research preview alongside Opus 4.8 in May. Sumner’s post is one of the more granular public accounts of what running that kind of workflow actually looks like in practice, down to the exact prompts used to stop parallel agents from clobbering each other’s git state.

Bun v1.4.0, the first version built on the new Rust codebase, is available now in canary. Sumner notes the team has since run 11 rounds of security review and added continuous fuzzing across every parser in Bun, feeding any bugs the fuzzer finds back into Claude to generate a fix PR for human review.

Posted in AI