I think this is something that should be left for pip to decide. In fact, we can’t include it in the standard as requirements files and the pip freeze format aren’t standardised. My personal view is that I don’t want the output of pip freeze littered with [] just in case projects define default extras. The output of pip freeze isn’t just a “dumb lockfile” format, it’s also used for human consumption, and for various scripting use cases. As such, I’d rather it stayed human-readable.
People who want to avoid default extras getting installed should be using --no-deps.
Regarding “tools will follow pip”, I would strongly advise tools to make their own decisions, and not treat pip freeze output as an informal standard. We now have a lockfile standard which should be used for any actual locking needs. There’s simply no reason outside of backward compatibility for using pip freeze output for locking, so if anything, I’d argue that “don’t change anything” is the right answer if you’re taking that view.
However, as I said I think this should be a decision for tools to make on their own, so I’ll defer any further debate to when the discussion comes up on the pip tracker (and I reserve the right to change my mind over there if compelling arguments come up).