GrapheneOS developer is very toxic, if you trust him is up to you. I prefer not running his code on my personal devices, especially after him blaming large parts of his community for coordinated harassment. Watch Louis Rossman’s video on it.

Although for security-focussed custom roms on the google pixel, like Calyx or Divest, you can re-lock the bootloader, so there’s less security risk. A factory reset is required to unlock it again, similar to a factory bootloader lock.

No, this is Patrick!

Linux, it fits my needs better on desktop, and is much less painful to troubleshoot than Windows, with more freedom and control than macOS.

I think the last thing you’d have to worrh about is your job when nearly all infrastructure collapses.