evidence-bundle-diff is a pure-transform library and CLI: it reads two JSON manifest files, compares them, and emits a diff structure. No network listener, no remote fetch, no execution of user-supplied code, no signature verification.
Only the latest tagged release is supported.
Please use GitHub Security Advisories for private disclosure:
Do not file public issues for security reports.