HN
Today

Yt-dlp – [Announcement] Bun support is now limited and deprecated

Yt-dlp is sharply curtailing and deprecating its support for the Bun JavaScript runtime, citing both security vulnerabilities in older versions and profound concerns over Bun's recent rewrite in Rust with Claude and its perceived shift to 'vibe-coded' development. This bold move sparks a heated debate on dependency management, the reliability of rapidly evolving tools, and the implications of AI-assisted, philosophy-driven coding on project stability.

38
Score
6
Comments
#3
Highest Rank
3h
on Front Page
First Seen
May 22, 6:00 PM
Last Seen
May 22, 8:00 PM
Rank Over Time
389

The Lowdown

The popular video downloading tool, yt-dlp, has announced a significant change to its support for the Bun JavaScript runtime, moving to limit and eventually deprecate it. This decision stems from a combination of immediate technical issues and broader philosophical disagreements with Bun's recent development trajectory.

  • Security & Compatibility: Yt-dlp will now only support Bun versions 1.2.11 through 1.3.14. The minimum version was raised because earlier versions of Bun failed to correctly process ejs package lockfiles, creating a significant security vulnerability. Additionally, ejs's test suite requires Bun 1.2.11 or newer.
  • Development Philosophy Shift: A major factor for deprecation is Bun's recent rewrite in Rust using Claude, which yt-dlp characterizes as 'vibe-coded' development. This perceived shift away from rigorous engineering principles is seen as a source of future maintenance headaches.
  • Version Ceiling: The support ceiling of 1.3.14 is specifically chosen as it represents the last version built from Bun's original Zig codebase, before the controversial rewrite.
  • Conditional Deprecation: While yt-dlp will maintain this narrow range of Bun support for now, it reserves the right to fully drop it if maintenance becomes too burdensome.

This announcement underscores the precarious balance open-source projects face when relying on upstream dependencies, especially those undergoing rapid and fundamental changes in their core development practices and architecture.

The Gossip

Bun's Bewildering Break

Commenters expressed a mix of disappointment and strong opinions regarding Bun's development direction. Many were saddened by the perceived shift towards 'vibe-coded' development following its Anthropic acquisition and Rust/Claude rewrite, articulating a desire for a stable, 'batteries-included' Node alternative without the perceived lack of rigor. Others critically questioned yt-dlp's rationale, labeling the 'vibe-coded' concern as purely speculative. However, counter-arguments staunchly defended yt-dlp's decision, asserting that assessing a dependency's development philosophy is a necessary, albeit speculative, part of engineering due diligence, citing a history of 'vibe-coded' projects leading to low-quality code.