Constant time is not a design consideration for num-bigint. Even if it happens to be so today for some operations, I would happily accept changes that improve performance in non-constant ways.
Didn't look num-bigint's code yet, but generally bigints are implemented as a union of inlined number and a vector of it. So even simple reading of it will or will not require memory indirection and thus possible cache miss based on runtime value, which is a HUGE difference in cryptographic context.
Thank you. Yes, timing is only the most obvious side channel to consider. But if functions don't even attempt to address timing attacks, I can assume that they will make no effort to address others.