I assume GP comment is referring to their software, especially cloud-deployed software, which can change under your feet like quicksand. Hardware, once assembled and in your hands, is yours to a higher degree than that. Eventually each Pixel phone will stop getting firmware updates, but Google has guaranteed 7 years of updates for the newest models.
For the future, Graphene OS devs have stated publicly that they're working with an unnamed hardware vendor to develop a phone that will meet their list of hardware requirements. Currently only the Pixel line does. From what I understand, a few Samsung phones come close, but don't support bootloader re-locking... When you unlock Samsung bootloaders it burns out a fuse on the board which in turn completely disables Knox, their architecture for a trusted execution environment.
Personally, I am not too interested in the "security" features of Graphene. There is at least a subset of Graphene users who only care about "security" and go as far as recommending the use of sandboxed Play Services over F-Droid because of it. They despise rooting, sideloading and other mods that give user control.
Yeah, that's fair enough. Security and privacy aren't totally mutually excluse, but there are absolutely tradeoffs. And security in a modern threat environment and customizability (at root level) are pretty much non-overlapping circles on a venn diagram.
My perspective is that I want one or two devices in my life, ideally one phone and then either a tablet or small laptop, which are maximally secure and almost never leave my direct custody. I am willing to give up root on these devices to achieve that level of security. Though I'll note that sideloading apps is absolutely possible on Graphene OS.
There are plenty of other general purpose computers at home on which I have root access and can use to tinker and experiment to my heart's content, and which I do not use for highly sensitive personal information (banking, primary email, etc).
The other important difference for me is that, whereas Graphene OS restricts root access for end-user security, companies making locked down devices withhold root from the end-user in order to keep control for themselves.