They are doing it like everybody else, they have their own system apps (because they got kind of unmaintainted by Google in AOSP since Android 12), they add drivers from the pixel device tree and then they add their security patches.

If you would put AOSP on a Pixel, it wouldn't even boot and if you managed to get it to boot, the apps would be unusable.