Pegasus spies on all the data on a phone. If a phone is really infected with that, then location access is the least of your worries. But this is not relevant to this post anyway, because 99,9% of people will never be a valid target for such high-level spyware.

Stop spreading rumours.

Just disable the location permissions. And turn off GPS when you dont actively need it.

As someone who uses GrapheneOS with Sandboxed Google Play for nearly a year now, I am struggling to think about why one would not be able to use it as their daily driver. It has all the features of a regular Pixel phone, except with more security. And the security features are not even some high-level enthusiast stuff, it is (among others) some really basic features like restricting internet access for specific apps or only giving apps read permission for specific folders on your phone instead of everything. Basic security and privacy features that every device should have.

That is false. It was called the “Holy Roman Empire” from the 13th century until 1512. The name was changed in 1512 to “Holy Roman Empire of the German Nation”. But even in many official texts after 1512 they still left out the latter part.

https://en.wikipedia.org/wiki/Holy_Roman_Empire#Name_and_general_perception