Here is an issue by the Nix author that wants to restrict fixed-output derivations: Restrict fixed-output derivations · Issue #2270 · NixOS/nix · GitHub
We also have @lewo who is working with Software Heritage to mirror all of our sources, which is made more difficult when fetching all the sources as one derivation.
On the other hand, listing all the dependencies in nixpkgs can make the packages quite large. Especially for nodejs applications where even simple applications tend to have thousands of dependencies. This directly impacts how long you have to wait on channel updates or when using projects with pinned nixpkgs versions.
It’s a trade-off and there is no clear outcome yet.