
Why unshare with chroot does not isolate /dev like /proc?

2 votes
2 answers
1744 views
I am following Container from scratch by Kevin Boone. I have the Alpine mini root filesystem under /mnt/container/. I am a little puzzled about how the mount works with chroot and unshare involved. Without unshare, if we do
chroot /mnt/container /bin/sh -l
we get a container (kind of) with its "/" (root) at the host machine's /mnt/container. Inside the container, if we run the following commands:
mount -t proc proc /proc >& /dev/null
mount -t devtmpfs dev /dev/ >& /dev/null
we see that we have mounted the host system's /proc and /dev, and hence we can see the processes that are running on the host with ps -ef and can create a file in /dev as well, which will be created on the host. This is expected because there is still no namespace isolation. To create the namespace isolation we do:
unshare -mpfu chroot /mnt/container /bin/sh -l
and then inside the container we run
mount -t proc proc /proc >& /dev/null
mount -t devtmpfs dev /dev/ >& /dev/null
This time ps -ef will show only two processes that are inside the container. What I understand (correct me if I am wrong) is that mount -t proc proc /proc >& /dev/null did not mount the /proc of the host system, but created a new directory /proc of type procfs, hence isolation. But, and this is the question, /dev inside the container is still the same /dev of the host. I can still create files inside /dev and they show up on the host machine. Why is /dev not isolated like /proc?
Asked by Nagri (225 rep)
Jul 26, 2022, 12:54 PM
Last activity: Dec 21, 2022, 07:14 AM
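As an added example (not part of the question or its answers), here is a way to check whether a mount inside the container is the same kernel filesystem instance as a mount on the host, rather than guessing from what ps or touch shows: the third field of every /proc/self/mountinfo line is the major:minor number of the mounted filesystem, and two mounts with the same value share one superblock and therefore show the same files. The mountinfo text below is constructed; on a real system you would capture the file once on the host and once inside the container and feed both to the same functions.

```python
from typing import Optional

# Constructed sample /proc/self/mountinfo lines (not real captures). Host side:
# /proc and /dev as a normal system mounts them. Third field is MAJ:MIN of the
# mounted filesystem; mounts with the same MAJ:MIN share one kernel superblock.
HOST_MOUNTINFO = """\
30 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
24 30 0:22 / /proc rw,nosuid,nodev,noexec,relatime shared:13 - proc proc rw
25 30 0:6 / /dev rw,nosuid,relatime shared:2 - devtmpfs devtmpfs rw,size=4096k,mode=755
"""

# Constructed container side, as seen after `unshare -mpfu chroot /mnt/container
# /bin/sh -l` and the two mount commands from the question: procfs got a fresh
# superblock (new minor number) in the new PID namespace, devtmpfs did not.
CONTAINER_MOUNTINFO = """\
149 148 8:1 /mnt/container / rw,relatime - ext4 /dev/sda1 rw
150 149 0:50 / /proc rw,relatime - proc proc rw
151 149 0:6 / /dev rw,relatime - devtmpfs dev rw,size=4096k,mode=755
"""


def mount_device(mountinfo: str, target: str) -> Optional[str]:
    """MAJ:MIN of the filesystem mounted at `target`, or None if nothing is mounted there.
    The last matching line wins because later mounts stack on top of earlier ones."""
    dev = None
    for line in mountinfo.splitlines():
        fields = line.split()  # mount-id parent-id MAJ:MIN root mount-point options ...
        if len(fields) >= 5 and fields[4] == target:
            dev = fields[2]
    return dev


def shares_superblock(host_info: str, container_info: str, target: str) -> bool:
    """True when host and container have the same filesystem instance mounted at `target`."""
    host_dev = mount_device(host_info, target)
    return host_dev is not None and host_dev == mount_device(container_info, target)


def isolation_report(host_info: str, container_info: str, targets=("/proc", "/dev")) -> dict:
    """Map each target to 'isolated', 'shared with host' or 'not mounted'."""
    report = {}
    for t in targets:
        if mount_device(container_info, t) is None:
            report[t] = "not mounted"
        else:
            report[t] = "shared with host" if shares_superblock(host_info, container_info, t) else "isolated"
    return report
```

With the constructed samples, isolation_report(HOST_MOUNTINFO, CONTAINER_MOUNTINFO) reports /proc as isolated and /dev as shared with host, which is the situation the question describes.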