DocsGuidesBlogDiscord logoGitHub logo

Intro

What is Bun?

Installation

Quickstart

TypeScript

Templates

Guides

Runtime

bun run

File types

TypeScript

JSX

Environment variables

Bun APIs

Web APIs

Node.js compatibility

Plugins

Watch mode

Module resolution

Auto-install

bunfig.toml

Debugger

Framework APISOON

Package manager

bun install

Global cache

Workspaces

Lockfile

Scopes and registries

Utilities

Bundler

Bun.build

Loaders

Plugins

Executables

Macros

vs esbuild

Test runner

bun test

Writing tests

Watch mode

Lifecycle hooks

Mocks

Snapshots

Dates and times

DOM testing

Code coverage

Package runner

bunx

API

HTTP server

WebSockets

Workers

Binary data

Streams

File I/O

import.meta

SQLite

FileSystemRouter

TCP sockets

Globals

Child processes

Transpiler

Hashing

Console

FFI

HTMLRewriter

Testing

Utils

Node-API

Project

Roadmap

Benchmarking

Development

License

Bun

Lockfile

Running bun install will create a binary lockfile called bun.lockb.

Why is it binary?

In a word: Performance. Bun’s lockfile saves & loads incredibly quickly, and saves a lot more data than what is typically inside lockfiles.

How do I inspect Bun's lockfile?

Run bun install -y to generate a Yarn-compatible yarn.lock (v1) that can be inspected more easily.

How do I git diff Bun's lockfile?

Add the following to your local or global .gitattributes file:

*.lockb binary diff=lockb

Then add the following to you local git config with:

git config diff.lockb.textconv bun
git config diff.lockb.binary true

Or to your global git config (system-wide) with the --global option:

git config --global diff.lockb.textconv bun
git config --global diff.lockb.binary true

Why this works:

  • textconv tells git to run bun on the file before diffing
  • binary tells git to treat the file as binary (so it doesn't try to diff it line-by-line)

Running bun on a lockfile will print a human-readable diff. So we just need to tell git to run bun on the lockfile before diffing it.

Platform-specific dependencies?

Bun stores normalized cpu and os values from npm in the lockfile, along with the resolved packages. It skips downloading, extracting, and installing packages disabled for the current target at runtime. This means the lockfile won’t change between platforms/architectures even if the packages ultimately installed do change.

What does Bun's lockfile store?

Packages, metadata for those packages, the hoisted install order, dependencies for each package, what packages those dependencies resolved to, an integrity hash (if available), what each package was resolved to, and which version (or equivalent).

Why is Bun's lockfile fast?

It uses linear arrays for all data. Packages are referenced by an auto-incrementing integer ID or a hash of the package name. Strings longer than 8 characters are de-duplicated. Prior to saving on disk, the lockfile is garbage-collected & made deterministic by walking the package tree and cloning the packages in dependency order.

Can I opt out?

To install without creating a lockfile:

bun install --no-save

To install a Yarn lockfile in addition to bun.lockb.

CLI flag
bunfig.toml
CLI flag
bun install --yarn
bunfig.toml
[install.lockfile]
# whether to save a non-Bun lockfile alongside bun.lockb
# only "yarn" is supported
print = "yarn"

Configuring lockfile

Previous

Workspaces

Next

Scopes and registries

GitHub logo

Edit on GitHub