Bun's unreleased Rust port contains 13,365 unsafe blocks, according to a pre-release audit. The JavaScript runtime still ships with its original Zig implementation, making this analysis a snapshot before public release. Five functions currently exhibit undefined behavior, representing genuine bugs beyond the unsafe block count.

Three root causes account for two-thirds of the unsafe code: FFI boundaries, ownership patterns carried over from the Zig port, and performance optimizations. Only 3% of unsafe blocks exist purely for performance reasons. The audit used a single ripgrep command to catalog every instance, then sorted them by removal complexity.

Roughly ~9,300 unsafe blocks can convert to safe Rust, while ~4,000 must remain due to FFI requirements. The measurement compared Bun against other Rust runtimes like Deno, which splits bindings into separate crates. Bun keeps bindings and runtime in one workspace.

The methodology provides raw data and reproducible commands for verification. This audit establishes baseline safety metrics before the Rust port ships, giving developers concrete numbers to track improvement against. The public dataset enables independent validation of the findings.