Is it useful to lock the fedora package lists in dom0?

Does it make sense to suppress updates from the fedora 32 repository in dom0? Actually no updates come from there anymore, because there are no updates for fedora 32 anymore. But suppose we could not trust fedora. Then there would be the possibility that suddenly a new version of a package installed in dom0 is in the repository and that this package is corrupt and will then be installed in dom0.

So would it make sense to only allow qubes updates? And how would this be implemented practically?