I would argue dynamic linking in itself is still very important, in the sense that if some nasty security vulnerability is discovered in an important core package (OpenSSL or glibc or something), a patch can be pushed out without requiring downstream applications to be recompiled.
To be honest, I don't think most developers have a robust mechanism of tracking vulnerabilities in the projects they directly depend on, let alone the dependencies of dependencies.
To be honest, I don't think most developers have a robust mechanism of tracking vulnerabilities in the projects they directly depend on, let alone the dependencies of dependencies.