Skip to main content
Emil Grużalski

Yarn vs Bun

·698 words·4 mins
Author
Emil Grużalski
Cloud Infrastructure & Automation

The problem with Yarn
#

I’ve been using Yarn Classic (1.x) for a while — both locally and in CI/CD workflows. It works, but two things kept bugging me:

  • Slow installs in CI — even with caching, yarn install was consistently the longest step in my pipelines. On a medium-sized project it could easily eat 40–60 seconds, sometimes more.
  • Dependency resolution quirks — every now and then Yarn would get confused with peer dependencies or produce slightly different lockfile results across environments. Nothing catastrophic, but enough to waste time debugging.

Giving Bun a chance
#

Bun isn’t as mature as Yarn or npm. It’s younger, the ecosystem around it is still growing, and I had my doubts. But the promise of a faster package manager written in Zig with native-speed installs was hard to ignore.

So I swapped yarn install for bun install in a few pipelines and ran them side by side for a couple of weeks.

Benchmark setup
#

All measurements were taken on GitHub Actions public runners (ubuntu-24.04, 4 vCPU, 16 GB RAM) against a medium-sized JavaScript project. Each scenario was executed multiple times to confirm consistency.

  • Yarn version: 1.22.x (Classic)
  • Bun version: 1.3.x
  • Cold install: no cache, no node_modules present
  • Warm install: global cache populated, no node_modules present

The full benchmark configuration is available at github.com/emilgruzalski/yarn-vs-bun.

Results
#

Cold installWarm install
Bun1.8s0.3s
Yarn20.5s4.3s
Speedup~11×~15×

The difference was immediate and consistent across runs. Cold installs dropped from over 20 seconds to under 2. Warm installs completed in a fraction of a second. In CI, where pipelines run dozens of times a day, that reduction compounds quickly.

For context, Bun’s documentation claims up to 25× faster installs compared to npm. My benchmarks compare against Yarn Classic specifically, so the numbers aren’t directly comparable to that claim — but the practical impact on pipeline duration speaks for itself.

A few other things that stood out:

  • No dependency issues in testing — over two weeks of parallel runs, bun install resolved everything correctly. No peer dependency conflicts, no phantom dependencies, no lockfile drift between environments. This is a limited sample — larger monorepos or projects with unusual dependency graphs may surface edge cases — but within my scope, resolution was consistent.
  • Drop-in replacement — Bun reads package.json the same way, supports workspaces, overrides, and migrates from other lockfiles automatically. Switching required almost no config changes.
  • bun ci for reproducible builds — equivalent to --frozen-lockfile, it fails if package.json is out of sync with bun.lock. Exactly what you want in a pipeline.

The maturity question
#

Is Bun production-ready as a package manager? Based on my testing — yes, with caveats. The runtime side of Bun (replacing Node.js) is a different conversation, but as a package manager it’s been stable in my workflows.

The bun.lock format switched from binary to a human-readable text format in Bun 1.2, which makes diffs and code reviews practical. Lifecycle scripts are sandboxed by default (they don’t run unless you explicitly trust a package), which reduces the attack surface from supply-chain compromises — a meaningful security improvement over the default behavior of Yarn and npm.

That said, there are trade-offs to consider:

  • Ecosystem maturity — Bun’s package manager is younger than Yarn and npm. Edge cases in large monorepos, private registries, or complex publishing workflows may exist that I haven’t encountered.
  • Community and tooling — Yarn has a larger base of plugins, documentation, and community knowledge. Troubleshooting Bun-specific issues may require more effort.
  • Version stability — Bun is under active development and may introduce breaking changes between versions. Pinning the version in CI is advisable.
  • Yarn Classic vs Berry — these benchmarks were run against Yarn Classic (1.x). Yarn Berry (2.x+) with PnP or node_modules linker may produce different results.

Verdict
#

Based on two weeks of parallel testing on GitHub Actions, Bun proved to be a stable and significantly faster replacement for Yarn Classic as a package manager. Install times dropped by an order of magnitude with minimal migration effort.

If your CI pipelines spend noticeable time on yarn install, bun install is worth evaluating. The migration path is straightforward and the performance gains are immediate.