but consumer routers are a really significant security junction which historically has always been somewhat neglected.

You're right, but simply shifting the production from overseas to US doesn't inherently make the routers more secure. The article mentions the lack of software updates for discontinued products as a big threat that has been exploited in the past.

I only read a few sentences before the paywall stopped me,

Fortunately, there is no paywall for me. Here is the article on archive.org.

but sounds like they'll whitelist any foreign manufacturers that are legitimate.

No, the article mentions only one exception:

Now, router makers need to A) secure a “conditional approval” that lets them keep getting new products cleared for US entry while they work to convince the government that they’ll open up manufacturing in the US, or B) make the decision to skip selling future products in the US, like dronemaker DJI already did.