2025 JavaScript Year in Review: Bun Sold, Deno Funding Crisis, React’s Rise and Fallout

Yesterday we shared the Node.js 2025 highlights; today we review the JavaScript ecosystem in 2025.

2025 was a historic year for front‑end developers as JavaScript turned 30 and the ecosystem underwent rapid transformation.

If 2024 was dominated by AI anxiety, 2025 saw the JavaScript world complete its metamorphosis.

Bun was acquired by Anthropic, bringing AI into runtime infrastructure.

TypeScript topped GitHub’s language rankings, becoming the world’s most popular language.

React Compiler was released, ending the manual‑optimization era.

Vercel bought NuxtLabs, blurring the line between Vue and React.

Other notable events include Oracle’s trademark clash, Deno’s crowdfunding, and the “resurrection” of jQuery 4.0.

January – Bun’s strong start and Express’s revival

Bun 1.2 surprised the community with performance gains as it raced to “beat Node.js”. At the same time Express 5.1 was announced, proving the veteran framework still has teeth despite the dominance of Next.js and Remix.

February – Deno’s trademark battle and TypeScript’s ambition

Deno and Oracle entered a trademark dispute over the Deno name, reminding developers that naming can provoke giants.

TypeScript 5.8 was released with further performance optimisations, and a hobbyist managed to run the game Doom entirely with TypeScript’s type system, demonstrating its near‑Turing‑complete power.

March – 3D on the web reaches new heights

Microsoft launched Babylon.js 8.0, and WebGPU made true‑3A graphics feasible in browsers.

April – Node.js Paris summit and Koa 3.0

The Node.js community gathered in Paris, and Koa 3.0 was quietly released, keeping its elegant middleware model alive for a dedicated fan base.

May – Remix shake‑up and Microsoft’s “secret weapon”

Remix underwent a major internal reorganisation. Microsoft unveiled a Go‑based preview of the TypeScript compiler, promising ten‑ to hundred‑fold faster tsc builds and signalling a shift toward Go‑centric front‑end tooling.

Glitch announced its shutdown, marking the end of an era for the code‑sharing platform.

June – Toolchain speed race

Oxlint 1.0 – a Rust‑written linter described as “fast enough to fly”.

Vite 7.0 – continues to dominate as the fastest build tool.

Biome v2 – aims to replace Prettier and ESLint with a single tool that can lint with type awareness using only tsc.

ECMAScript 2025 (ES2025) was officially approved, advancing the language itself.

July – Vercel’s “money power”

Vercel acquired NuxtLabs, giving the company control over both Next.js (React) and Nuxt (Vue) and hinting at a front‑end cloud monopoly.

Deno 2.4 was released, continuing its push for Node compatibility.

August – Veteran projects survive

TypeScript 5.9 shipped, and jQuery 4.0 entered a release‑candidate stage, showing that legacy libraries still receive updates.

September – Supply‑chain attacks and Deno’s funding scramble

npm suffered a massive phishing attack, prompting pnpm to add delayed‑dependency updates.

Deno publicly launched a $200 k crowdfunding campaign to finance its legal fight with Oracle.

October – React’s climax and GitHub’s language ranking

React Compiler v1.0 – makes useMemo and useCallback obsolete by handling dependencies automatically.

GitHub announced that TypeScript has overtaken JavaScript as the top language on the platform.

Node.js v25 was released, with Node 24 becoming LTS.

Bun 1.3 arrived, initially seen as a routine update but later recognized as a prelude to bigger changes.

November – Supply‑chain attack “Shai Hulud” and Angular v21

A mutated supply‑chain attack named “Shai Hulud” resurfaced, highlighting growing security concerns in complex front‑end engineering.

Angular v21 was released, reinforcing Google’s position in the enterprise market.

December – JavaScript turns 30, React’s security scare, and Bun’s fate

JavaScript celebrated its 30th birthday.

React Server Components exposed a critical vulnerability (CVE‑2025‑55182). Cloudflare’s misconfiguration while mitigating the issue caused a global outage affecting 28 % of traffic for 25 minutes.

Anthropic announced the acquisition of Bun, positioning the runtime as core infrastructure for millions of AI agents. Claude Code’s revenue surpassed $1 billion, and Bun’s performance and single‑file executability make it an ideal “body” for AI agents.

The acquisition signals a future where code may be written by AI and runtimes are designed for AI rather than humans.

Node.js released its first LTS version with native TypeScript support, ending the need for ts‑node.

Summary

AI permeates everything – From Anthropic’s purchase of Bun to Claude Code’s rise, AI is moving from assistance to control of the stack.

Speed is no longer the only metric – With tools like Vite, Bun, and Rust‑based linters, stability and security have become decisive factors.

Unified standards dominate – Vercel’s acquisitions and TypeScript’s top‑language status drive standardisation that lowers entry barriers.

What will 2026 bring? Perhaps we will no longer need to write code ourselves.