bun add
Add packages to your project with Bun's fast package manager
To add a particular package:
To specify a version, version range, or tag:
bun add zod@3.20.0
bun add zod@^3.0.0
bun add zod@latest
--dev
<Note>Alias — --development, -d, -D</Note>
To add a package as a dev dependency ("devDependencies"):
bun add --dev @types/react
bun add -d @types/react
--optional
To add a package as an optional dependency ("optionalDependencies"):
bun add --optional lodash
--peer
To add a package as a peer dependency ("peerDependencies"):
bun add --peer @types/bun
--exact
<Note>Alias — -E</Note>
To add a package and pin to the resolved version, use --exact. This will resolve the version of the package and add it to your package.json with an exact version number instead of a version range.
bun add react --exact
bun add react -E
This will add the following to your package.json:
{
"dependencies": {
// without --exact
"react": "^18.2.0", // this matches >= 18.2.0 < 19.0.0
// with --exact
"react": "18.2.0" // this matches only 18.2.0 exactly
}
}
To view a complete list of options for this command:
--global
<Note>
**Note** — This would not modify package.json of your current project folder. **Alias** - `bun add --global`, `bun add
-g`, `bun install --global` and `bun install -g`
</Note>
To install a package globally, use the -g/--global flag. This will not modify the package.json of your current project. Typically this is used for installing command-line tools.
bun add --global cowsay # or `bun add -g cowsay`
cowsay "Bun!"
______
< Bun! >
------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
<Accordion title="Configuring global installation behavior">
```toml bunfig.toml icon="settings" theme={"theme":{"light":"github-light","dark":"dracula"}}
[install]
# where `bun add --global` installs packages
globalDir = "~/.bun/install/global"
where globally-installed package bins are linked
globalBinDir = "~/.bun/bin"
</Accordion>
## Trusted dependencies
Unlike other npm clients, Bun does not execute arbitrary lifecycle scripts for installed dependencies, such as `postinstall`. These scripts represent a potential security risk, as they can execute arbitrary code on your machine.
To tell Bun to allow lifecycle scripts for a particular package, add the package to `trustedDependencies` in your package.json.
```json package.json icon="file-json" theme={"theme":{"light":"github-light","dark":"dracula"}}
{
"name": "my-app",
"version": "1.0.0",
"trustedDependencies": ["my-trusted-package"] // [!code ++]
}
Bun reads this field and will run lifecycle scripts for my-trusted-package.
Git dependencies
To add a dependency from a public or private git repository:
bun add git@github.com:moment/moment.git
<Note>
To install private repositories, your system needs the appropriate SSH credentials to access the repository.
</Note>
Bun supports a variety of protocols, including github, git, git+ssh, git+https, and many more.
{
"dependencies": {
"dayjs": "git+https://github.com/iamkun/dayjs.git",
"lodash": "git+ssh://github.com/lodash/lodash.git#4.17.21",
"moment": "git@github.com:moment/moment.git",
"zod": "github:colinhacks/zod"
}
}
Tarball dependencies
A package name can correspond to a publicly hosted .tgz file. During installation, Bun will download and install the package from the specified tarball URL, rather than from the package registry.
bun add zod@https://registry.npmjs.org/zod/-/zod-3.21.4.tgz
This will add the following line to your package.json:
{
"dependencies": {
"zod": "https://registry.npmjs.org/zod/-/zod-3.21.4.tgz"
}
}
CLI Usage
bun add <package> <@version>
Dependency Management
<ParamField path="--production" type="boolean">
Don't install devDependencies. Alias: <code>-p</code>
</ParamField>
<ParamField path="--omit" type="string">
Exclude <code>dev</code>, <code>optional</code>, or <code>peer</code> dependencies from install
</ParamField>
<ParamField path="--global" type="boolean">
Install globally. Alias: <code>-g</code>
</ParamField>
<ParamField path="--dev" type="boolean">
Add dependency to <code>devDependencies</code>. Alias: <code>-d</code>
</ParamField>
<ParamField path="--optional" type="boolean">
Add dependency to <code>optionalDependencies</code>
</ParamField>
<ParamField path="--peer" type="boolean">
Add dependency to <code>peerDependencies</code>
</ParamField>
<ParamField path="--exact" type="boolean">
Add the exact version instead of the <code>^</code> range. Alias: <code>-E</code>
</ParamField>
<ParamField path="--only-missing" type="boolean">
Only add dependencies to <code>package.json</code> if they are not already present
</ParamField>
Project Files & Lockfiles
<ParamField path="--yarn" type="boolean">
Write a <code>yarn.lock</code> file (yarn v1). Alias: <code>-y</code>
</ParamField>
<ParamField path="--no-save" type="boolean">
Don't update <code>package.json</code> or save a lockfile
</ParamField>
<ParamField path="--save" type="boolean" default="true">
Save to <code>package.json</code> (true by default)
</ParamField>
<ParamField path="--frozen-lockfile" type="boolean">
Disallow changes to lockfile
</ParamField>
<ParamField path="--trust" type="boolean">
Add to <code>trustedDependencies</code> in the project's <code>package.json</code> and install the package(s)
</ParamField>
<ParamField path="--save-text-lockfile" type="boolean">
Save a text-based lockfile
</ParamField>
<ParamField path="--lockfile-only" type="boolean">
Generate a lockfile without installing dependencies
</ParamField>
Installation Control
<ParamField path="--dry-run" type="boolean">
Don't install anything
</ParamField>
<ParamField path="--force" type="boolean">
Always request the latest versions from the registry & reinstall all dependencies. Alias: <code>-f</code>
</ParamField>
<ParamField path="--no-verify" type="boolean">
Skip verifying integrity of newly downloaded packages
</ParamField>
<ParamField path="--ignore-scripts" type="boolean">
Skip lifecycle scripts in the project's <code>package.json</code> (dependency scripts are never run)
</ParamField>
<ParamField path="--analyze" type="boolean">
Recursively analyze & install dependencies of files passed as arguments (using Bun's bundler). Alias:{" "}
<code>-a</code>
</ParamField>
Network & Registry
<ParamField path="--ca" type="string">
Provide a Certificate Authority signing certificate
</ParamField>
<ParamField path="--cafile" type="string">
Same as <code>--ca</code>, but as a file path to the certificate
</ParamField>
<ParamField path="--registry" type="string">
Use a specific registry by default, overriding <code>.npmrc</code>, <code>bunfig.toml</code>, and environment
variables
</ParamField>
<ParamField path="--network-concurrency" type="number" default="48">
Maximum number of concurrent network requests (default 48)
</ParamField>
Performance & Resource
<ParamField path="--backend" type="string" default="clonefile">
Platform-specific optimizations for installing dependencies. Possible values: <code>clonefile</code> (default),{" "}
<code>hardlink</code>, <code>symlink</code>, <code>copyfile</code>
</ParamField>
<ParamField path="--concurrent-scripts" type="number" default="5">
Maximum number of concurrent jobs for lifecycle scripts (default 5)
</ParamField>
Caching
<ParamField path="--cache-dir" type="string">
Store & load cached data from a specific directory path
</ParamField>
<ParamField path="--no-cache" type="boolean">
Ignore manifest cache entirely
</ParamField>
Output & Logging
<ParamField path="--silent" type="boolean">
Don't log anything
</ParamField>
<ParamField path="--verbose" type="boolean">
Excessively verbose logging
</ParamField>
<ParamField path="--no-progress" type="boolean">
Disable the progress bar
</ParamField>
<ParamField path="--no-summary" type="boolean">
Don't print a summary
</ParamField>
Global Configuration & Context
<ParamField path="--config" type="string">
Specify path to config file (<code>bunfig.toml</code>). Alias: <code>-c</code>
</ParamField>
<ParamField path="--cwd" type="string">
Set a specific current working directory
</ParamField>
Help
<ParamField path="--help" type="boolean">
Print this help menu. Alias: <code>-h</code>
</ParamField>