
The TPM is a blessing and a curse. On the one hand, it protects you from having to remember any passwords and makes encryption available to almost anyone.

On the other hand, someone who can steal your laptop may be able to dump the TPM keys by simply attaching probes and turning on your machine: https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/

I'm not sure about the situation on macOS; I think Apple's TPM is a bit more advanced than most PC alternatives. I don't think modern Macs are vulnerable to the attack I linked above. Microsoft's Pluton chip may also be different; I can't find much about its physical security properties.



That assumes the TPM is willing to unseal the drive, so you can use a probe to capture the key as it sends it. Microsoft recommends using TPM+PIN, which prevents this as the TPM won't release the key unless you provide the PIN. The PIN can be fairly weak as the TPM prevents brute force.

I'm sure there are still vulnerabilities, but this is the method that governments themselves use for their devices, at least in the UK.


>On the other hand, someone who can steal your laptop may be able to dump the TPM keys by simply attaching probes and turning on your machine: https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/

That only works for dTPMs. fTPMs (i.e. ones built into the CPU) are safe from that attack, although they might have other weaknesses.
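The two points raised so far, that a TPM-only BitLocker protector auto-unseals at boot (so the key can be sniffed on a discrete TPM's bus) and that TPM+PIN or a firmware TPM closes that gap, can be checked on a Windows machine with the built-in `Get-Tpm` and `Get-BitLockerVolume` cmdlets. The script below is an added example, not code from the thread or from Microsoft; it assumes an elevated PowerShell session, and the dTPM/fTPM guess from the manufacturer string is a heuristic (Intel and AMD firmware TPMs report the CPU vendor), not an authoritative classification.

```powershell
# Added example: audit whether this machine relies on TPM-only unlock.
# Assumptions: run as administrator; the fTPM/dTPM guess is a heuristic.

# 1. Is a TPM present, and is it likely firmware (fTPM) or discrete (dTPM)?
$tpm = Get-Tpm
if (-not $tpm.TpmPresent) {
    Write-Warning "No TPM present; BitLocker cannot use a TPM protector here."
    return
}
# Heuristic only: Intel and AMD firmware TPMs report the CPU vendor as manufacturer.
$firmwareVendors = @('INTC', 'AMD')
$vendor = $tpm.ManufacturerIdTxt.Trim()
$kind = if ($firmwareVendors -contains $vendor) { 'fTPM (likely)' } else { 'dTPM (likely)' }
Write-Output "TPM manufacturer: $vendor -> $kind"

# 2. Which key protectors guard the OS volume?
$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
$types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
Write-Output "Protectors on $($vol.MountPoint): $($types -join ', ')"

# A bare 'Tpm' protector releases the volume key at boot with no user secret,
# which is the precondition for the bus-sniffing attack on a discrete TPM.
# 'TpmPin' (or 'TpmPinStartupKey') makes the TPM withhold the key until the
# PIN is entered, and the TPM's own anti-hammering limits guessing.
$hasPin = ($types -contains 'TpmPin') -or ($types -contains 'TpmPinStartupKey')
if (($types -contains 'Tpm') -and -not $hasPin) {
    Write-Warning "Volume unlocks with TPM-only; consider switching to TPM+PIN:"
    Write-Warning '  Add-BitLockerKeyProtector -MountPoint C: -TpmAndPinProtector -Pin (Read-Host -AsSecureString "Startup PIN")'
}
elseif ($hasPin) {
    Write-Output "TPM+PIN protector in place; the TPM will not unseal without the PIN."
}
```

The suggested `Add-BitLockerKeyProtector` call only succeeds if the BitLocker group policy "Require additional authentication at startup" permits a startup PIN; on a default configuration that policy may need to be set first. Keep a recovery password protector as well, so a forgotten PIN does not lock the volume permanently.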


It's not quite clear to me whether fTPMs really protect against hardware attacks.

According to

https://security.stackexchange.com/questions/189950/how-does...

most CPUs can be controlled via JTAG, and apparently that includes many of their deep internals.


Yes, TPM without a password is a step up from no encryption but TPM with even a weak password is a huge benefit.

Of course I am assuming that the TPM works correctly. Vulnerabilities in that may be more likely than with software crypto. But that is a difficult tradeoff to evaluate.


Use the TPM as an additional layer of protection. In combination with other things as well, heck even the encryption built into an SSD. So if any one fails, it's still better than nothing. All with separate, uncorrelated passphrases.
