At some point, having LLMs spit out libraries for you might be safer than actually downloading them.
LLMs will happily copy-paste malware or add it as a dependency.
This kicks the can down the road until we get supply chain attacks through LLM poisoning, like we already do with propaganda.
Or just vendor your deps like we have been doing for decades.
This does help. Even before, I was pretty careful about what I used, not just for security but also simplicity. Nowadays it's even easier to LLM-generate utils that one might've installed a dep for in the past.
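The "vendor your deps" approach above only protects you if you can tell when the vendored tree changes, whether a tool, a human or an LLM changed it. The following is an added example, not code from anyone in this thread: it assumes a hypothetical layout where third-party code lives under `vendor/` and a committed `vendor.lock.json` records a SHA-256 per file, and it reports files that were added, removed or modified relative to that lock file. The sample `leftpad` and `totally_legit` packages are constructed for the demo.

```python
"""Integrity check for a vendored dependency tree (added example).

Assumes: third-party code under vendor/, and vendor.lock.json mapping each
file's posix-style relative path to its SHA-256 hex digest.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(vendor_root: Path) -> dict:
    """Map every file under vendor_root (posix relative path) to its SHA-256."""
    manifest = {}
    for p in sorted(vendor_root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(vendor_root).as_posix()] = sha256_file(p)
    return manifest


def verify_vendored(vendor_root: Path, manifest: dict) -> dict:
    """Compare the tree on disk with the lock file.

    Returns the three lists a reviewer cares about: files that appeared
    (something silently added a dependency), files that vanished, and
    files whose content changed since the tree was last reviewed.
    """
    current = build_manifest(vendor_root)
    return {
        "added": sorted(set(current) - set(manifest)),
        "removed": sorted(set(manifest) - set(current)),
        "modified": sorted(
            k for k in manifest if k in current and current[k] != manifest[k]
        ),
    }


def demo() -> dict:
    """Constructed scenario: lock a small vendor/ tree, then tamper with it."""
    with tempfile.TemporaryDirectory() as tmp:
        vendor = Path(tmp) / "vendor"
        (vendor / "leftpad").mkdir(parents=True)
        (vendor / "leftpad" / "__init__.py").write_text(
            "def pad(s, n): return s.rjust(n)\n"
        )
        (vendor / "leftpad" / "LICENSE").write_text("MIT\n")

        # Commit point: the reviewed tree is hashed into the lock file.
        lock_path = Path(tmp) / "vendor.lock.json"
        lock_path.write_text(json.dumps(build_manifest(vendor), indent=2))

        # Simulate the failure mode discussed in the thread: a helper gains a
        # network import, and a new package nobody reviewed shows up.
        (vendor / "leftpad" / "__init__.py").write_text(
            "import urllib.request\ndef pad(s, n): return s.rjust(n)\n"
        )
        (vendor / "totally_legit").mkdir()
        (vendor / "totally_legit" / "__init__.py").write_text("pass\n")

        return verify_vendored(vendor, json.loads(lock_path.read_text()))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run `verify_vendored` in CI against the committed lock file and fail the build on any non-empty list; regenerate the lock file only in a change that a human actually reviews, so that an LLM-authored patch cannot quietly grow the vendored tree.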