feat(ai-isolate): add native QuickJS Code Mode isolate driver for Bun

[lithdew]

🎯 Changes

Adds a new Code Mode isolate driver, @tanstack/ai-isolate-quickjs-bun, that runs QuickJS natively on Bun via bun:ffi (through quickjs-bun) rather than WebAssembly.

It implements the existing IsolateDriver contract from @tanstack/ai-code-mode, so it's a drop-in replacement for @tanstack/ai-isolate-quickjs on Bun servers:

import { createQuickJSBunIsolateDriver } from '@tanstack/ai-isolate-quickjs-bun'
import { createCodeModeTool } from '@tanstack/ai-code-mode'

const executeTypescript = createCodeModeTool({
  driver: createQuickJSBunIsolateDriver(),
  tools: [myTool],
})

Why

On Bun, the existing WASM driver (quickjs-emscripten) is both slower and, in my testing, unreliable for async host tool calls. Its asyncify bridge crashes the shared WASM module (memory access out of bounds) and hangs once a single execution makes ≥ 4 sequential awaited tool calls (reproduced on Node 22 and Bun 1.3.14). quickjs-bun maps the QuickJS C API directly through bun:ffi, giving each context its own native runtime with no asyncify and no shared-VM serialization.

Benchmarks

packages/ai-isolate-quickjs-bun/benchmarks/compare-with-wasm.ts, both drivers driven through the public IsolateDriver interface (Apple M-series, darwin/arm64; Bun 1.3.14 for the native driver, Node 22 for the WASM driver as its native habitat):

Scenario (fresh context per run)	QuickJS Bun	QuickJS WASM (Node)
Cold start (first context + run)	~130 ms	~20 ms
return 1 + 1	~0.7 ms	~10 ms (≈14× WASM)
3 sequential tool calls	~0.9 ms	see note ¹
8 sequential tool calls	~1.0 ms	see note ¹
compute (fib(20))	~5.0 ms	see note ¹
return 1 + 1 (reused context)	~0.04 ms	—

¹ The WASM driver's asyncified host tool calls repeatedly crash the shared WASM module and hang subsequent executions (≥ 4 sequential awaited host calls per process), on both Node 22 and Bun 1.3.14. Sync-only workloads are unaffected. WASM wins cold start (one-time WASM instantiate vs TinyCC compile of the QuickJS sources); the native driver wins steady-state per-execution by ~14× on the trivial case.

Notes

The suites are gated with describe.skipIf(typeof Bun === 'undefined'), mirroring how @tanstack/ai-isolate-node skips when its native addon is unavailable — would like to know if it is fine to add a oven-sh/setup-bun job (pnpm --filter @tanstack/ai-isolate-quickjs-bun test:bun) so that the full test suite is ran in CI.

✅ Checklist

• I have followed the steps in the Contributing guide.
• I have tested this code locally with pnpm run test:pr.

🚀 Release Impact

• This change affects published code, and I have generated a changeset.
• This change is docs/CI/dev-only (no release).

Summary by CodeRabbit

• New Features
  • Added a Bun-native QuickJS isolate driver for Code Mode (@tanstack/ai-isolate-quickjs-bun, drop-in for Bun), using bun:ffi with configurable timeout, memoryLimit, maxStackSize, and maxToolCalls (default 1000) and normalized limit/timeout error behavior.
• Documentation
  • Updated Code Mode and isolate-driver guides, comparisons, READMEs, and skills to include the new QuickJS Bun driver and how to choose it for Bun servers.
• Examples
  • Updated the Code Mode web example to expose a new quickjs-bun driver option.
• Tests & Benchmarks
  • Added Bun-only isolation/escape and driver behavior tests, plus benchmarks comparing native Bun QuickJS vs WASM.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 730db699-dffb-4cd3-860e-85c67bf4d4bf

📥 Commits

Reviewing files that changed from the base of the PR and between ab73851 and 4a6f884.

📒 Files selected for processing (9)

• .changeset/quickjs-bun-isolate-driver.md
• docs/code-mode/code-mode-isolates.md
• docs/code-mode/code-mode.md
• docs/comparison/vercel-ai-sdk.md
• docs/config.json
• examples/ts-code-mode-web/package.json
• examples/ts-code-mode-web/src/components/ToolSidebar.tsx
• examples/ts-code-mode-web/src/lib/create-isolate-driver.ts
• examples/ts-code-mode-web/vite.config.ts

✅ Files skipped from review due to trivial changes (5)

• examples/ts-code-mode-web/package.json
• .changeset/quickjs-bun-isolate-driver.md
• examples/ts-code-mode-web/vite.config.ts
• docs/comparison/vercel-ai-sdk.md
• docs/config.json

🚧 Files skipped from review as they are similar to previous changes (3)

• examples/ts-code-mode-web/src/lib/create-isolate-driver.ts
• examples/ts-code-mode-web/src/components/ToolSidebar.tsx
• docs/code-mode/code-mode-isolates.md

---

📝 Walkthrough

Walkthrough

Adds a new Bun-native QuickJS isolate driver package, wires it into the example app and Code Mode docs, and includes validation, benchmarking, and release metadata updates.

Changes

Bun QuickJS Isolate Driver

Layer / File(s)	Summary
Package bootstrap and exports packages/ai-isolate-quickjs-bun/package.json, packages/ai-isolate-quickjs-bun/tsconfig.json, packages/ai-isolate-quickjs-bun/vite.config.ts, knip.json, packages/ai-isolate-quickjs-bun/src/index.ts	Adds the new package manifest, TypeScript/Vite config, workspace entry, and barrel exports for the Bun QuickJS isolate driver package.
Runtime, context, and driver implementation packages/ai-isolate-quickjs-bun/src/error-normalizer.ts, packages/ai-isolate-quickjs-bun/src/isolate-driver.ts, packages/ai-isolate-quickjs-bun/src/isolate-context.ts	Implements Bun-only QuickJS loading, driver creation, per-context runtime setup, execution serialization, tool-call plumbing, console capture, disposal, timeout handling, and normalized error mapping.
Driver validation and sandbox tests packages/ai-isolate-quickjs-bun/tests/isolate-driver.test.ts, packages/ai-isolate-quickjs-bun/tests/escape-attempts.test.ts	Adds Bun-gated tests covering execution behavior, tool calls, limits, logging, disposal, error normalization, runtime contract checks, and sandbox escape attempts.
Native vs WASM benchmark harness packages/ai-isolate-quickjs-bun/benchmarks/compare-with-wasm.ts	Adds a benchmark runner comparing native Bun QuickJS and WASM QuickJS across guarded scenarios with hang handling.
Example app driver wiring examples/ts-code-mode-web/package.json, examples/ts-code-mode-web/src/components/ToolSidebar.tsx, examples/ts-code-mode-web/src/lib/create-isolate-driver.ts, examples/ts-code-mode-web/vite.config.ts	Adds the new driver dependency, exposes it in the UI, wires dynamic driver creation, and updates Vite exclusions.
Documentation and release-note rollout packages/ai-code-mode/README.md, packages/ai-code-mode/skills/ai-code-mode/SKILL.md, packages/ai-isolate-quickjs-bun/README.md, docs/code-mode/code-mode-isolates.md, docs/code-mode/code-mode.md, docs/comparison/vercel-ai-sdk.md, docs/config.json, .changeset/quickjs-bun-isolate-driver.md	Updates Code Mode docs, package README, comparison docs, navigation metadata, and release notes to describe the Bun-native QuickJS driver and its contract.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• TanStack/ai#697: Overlaps on the Code Execution / isolate-driver documentation and driver-comparison area.

Suggested reviewers

• tombeckenham
• KevinVandy

Poem

🐰 I hopped into Bun with QuickJS in tow,
Native sandboxes humming nice and low.
Timeouts, limits, and tools in a hop,
Logs stay clipped when the bytes won't stop.
A tiny carrot cheer — ship it, then go!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 35.29% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title is concise and accurately describes the main change: a native QuickJS isolate driver for Bun.
Description check	✅ Passed	The description matches the template sections and includes changes, checklist, release impact, motivation, and benchmarks.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​types/​bun@​1.3.14
	quickjs-bun@​0.1.2

View full report

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

examples/ts-code-mode-web/src/components/ToolSidebar.tsx (1)

106-111: 💤 Low value

Consider runtime detection for better UX.

The option is marked available: true unconditionally, so users on Node.js can select it but will encounter a runtime error when the driver attempts to create a context. While the description warns "requires running the server with Bun," detecting the runtime at page load and conditionally setting available: false on Node would prevent confusing errors.

🎨 Optional runtime detection pattern

  {
    id: 'quickjs-bun',
    name: 'QuickJS Bun',
    description: 'Native QuickJS engine (requires running the server with Bun)',
-   available: true,
+   available: typeof Bun !== 'undefined',
  },

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@examples/ts-code-mode-web/src/components/ToolSidebar.tsx` around lines 106 -
111, The quickjs-bun item in ToolSidebar.tsx currently hard-codes available:
true, which allows Node clients to select it and hit runtime errors; change it
to compute availability at load time (e.g., derive a boolean like isBunRuntime
from a server-provided endpoint or a prop/initial state and set available:
isBunRuntime) so the entry for id 'quickjs-bun' is disabled when the
server/runtime is not Bun; update the ToolSidebar component to fetch or accept
the runtime indicator (or feature flag) and use that to set the available
property for the 'quickjs-bun' item and the UI disabled state.

packages/ai-isolate-quickjs-bun/src/isolate-driver.ts (1)

141-142: 💤 Low value

Consider caching the module import alongside the library.

importQuickJSBun() is called on every createContext() invocation. While JavaScript runtimes cache dynamic imports, you could align this with the libraryPromise pattern for consistency and to make the caching explicit.

♻️ Suggested refactor

-let libraryPromise: Promise<QuickJS> | undefined
+let modulePromise: Promise<QuickJSBunModule> | undefined
+let libraryPromise: Promise<QuickJS> | undefined

+async function loadQuickJSModule(): Promise<QuickJSBunModule> {
+  modulePromise ??= importQuickJSBun()
+  try {
+    return await modulePromise
+  } catch (error) {
+    modulePromise = undefined
+    throw error
+  }
+}

 async function loadQuickJSLibrary(): Promise<QuickJS> {
-  libraryPromise ??= importQuickJSBun().then((mod) => new mod.QuickJS())
+  libraryPromise ??= loadQuickJSModule().then((mod) => new mod.QuickJS())
   // ...
 }

Then in createContext:

-      const quickjs = await importQuickJSBun()
+      const quickjs = await loadQuickJSModule()
       const library = await loadQuickJSLibrary()

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/ai-isolate-quickjs-bun/src/isolate-driver.ts` around lines 141 -
142, importQuickJSBun() is being invoked on every createContext() call; make
this explicit and consistent with the existing libraryPromise pattern by caching
the dynamic import result. Add a top-level promise (e.g., quickjsModulePromise)
that stores importQuickJSBun(), use that cached promise inside createContext()
instead of calling importQuickJSBun() directly, and ensure you still await
loadQuickJSLibrary() (libraryPromise) as before so both the module and library
are only loaded once.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/code-mode/code-mode-isolates.md`:
- Around line 115-120: The markdown link in the QuickJS Bun Driver paragraph
uses backticks around the link text
(`[quickjs-bun](https://github.com/superpowerdotcom/quickjs-bun)`) which
prevents it rendering as a proper clickable link; update the text in the QuickJS
Bun Driver section (the line containing
`[quickjs-bun](https://github.com/superpowerdotcom/quickjs-bun)`) to either use
monospace label with a linked URL like via the
[`quickjs-bun`](https://github.com/superpowerdotcom/quickjs-bun) package or a
normal link via the
[quickjs-bun](https://github.com/superpowerdotcom/quickjs-bun) package so the
link renders correctly.

---

Nitpick comments:
In `@examples/ts-code-mode-web/src/components/ToolSidebar.tsx`:
- Around line 106-111: The quickjs-bun item in ToolSidebar.tsx currently
hard-codes available: true, which allows Node clients to select it and hit
runtime errors; change it to compute availability at load time (e.g., derive a
boolean like isBunRuntime from a server-provided endpoint or a prop/initial
state and set available: isBunRuntime) so the entry for id 'quickjs-bun' is
disabled when the server/runtime is not Bun; update the ToolSidebar component to
fetch or accept the runtime indicator (or feature flag) and use that to set the
available property for the 'quickjs-bun' item and the UI disabled state.

In `@packages/ai-isolate-quickjs-bun/src/isolate-driver.ts`:
- Around line 141-142: importQuickJSBun() is being invoked on every
createContext() call; make this explicit and consistent with the existing
libraryPromise pattern by caching the dynamic import result. Add a top-level
promise (e.g., quickjsModulePromise) that stores importQuickJSBun(), use that
cached promise inside createContext() instead of calling importQuickJSBun()
directly, and ensure you still await loadQuickJSLibrary() (libraryPromise) as
before so both the module and library are only loaded once.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: efa0ea2b-d53c-4c49-ac81-f8007e2d5a1d

📥 Commits

Reviewing files that changed from the base of the PR and between 984ac3c and ac5ba14.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (23)

• .changeset/quickjs-bun-isolate-driver.md
• docs/code-mode/code-mode-isolates.md
• docs/code-mode/code-mode.md
• docs/comparison/vercel-ai-sdk.md
• docs/config.json
• examples/ts-code-mode-web/package.json
• examples/ts-code-mode-web/src/components/ToolSidebar.tsx
• examples/ts-code-mode-web/src/lib/create-isolate-driver.ts
• examples/ts-code-mode-web/vite.config.ts
• knip.json
• packages/ai-code-mode/README.md
• packages/ai-code-mode/skills/ai-code-mode/SKILL.md
• packages/ai-isolate-quickjs-bun/README.md
• packages/ai-isolate-quickjs-bun/benchmarks/compare-with-wasm.ts
• packages/ai-isolate-quickjs-bun/package.json
• packages/ai-isolate-quickjs-bun/src/error-normalizer.ts
• packages/ai-isolate-quickjs-bun/src/index.ts
• packages/ai-isolate-quickjs-bun/src/isolate-context.ts
• packages/ai-isolate-quickjs-bun/src/isolate-driver.ts
• packages/ai-isolate-quickjs-bun/tests/escape-attempts.test.ts
• packages/ai-isolate-quickjs-bun/tests/isolate-driver.test.ts
• packages/ai-isolate-quickjs-bun/tsconfig.json
• packages/ai-isolate-quickjs-bun/vite.config.ts

[lithdew]

Rebased to the latest origin/main and fixed merge conflicts.