Should bun.lockb file be versioned?

Question

I'm migrating a Laravel+Sail project to use bun instead nodejs.

According the Bun docs, after run bun i, a binary lockfile named bun.lockb (similar to yarn.lock) is created to increase performance. Should I add this file into my .gitignore file?

Answer 1

It should if you want reproducible builds, which you probably do for any big project. For small experiments you don't really need it. The bun documentation you linked to also has steps explaining how to configure your local git to properly show diffs for it.

As to whether it is a good idea to version a binary file is another topic. The diff would not display on GitHub and versioning a binary file that changes often might lead to a big increase in the repository size, depending on how stable the changes to the file are and how efficiently it can be compressed - a topic which is not mentioned at all in the bun docs.

To stay on the safe side until you're sure that bun.lockd won't bloat your repository you could opt out of the bun binary lock and use the yarn text lock, but I haven't tried it.

Edit: I did a quick test with bun lockfile vs pnpm lockfile on a project with around 900 packages installed (basically a modern javascript hello world). These are the sizes it generated.

100866 bun-both.7z
100620 bun-old.7z
 84577 pnpm-both.7z
 82288 pnpm-old.7z

The -old file is the initial compressed lock file. The -both file contains the initial lock + a new lock generated when I update one of the big dependencies in the project (Vite). The initial bun binary is larger, but when compressed it adds less to the overall size. So it seems to not be as bad as I initially thought