And if you work behind a corporate proxy, expect all of the above to be an order of magnitude worse. Oh you set the proxy setting in the IDE/Shell/Package Manager? You forgot about x, y and z; and websites foo, bar, and bas are blocked!
Transparent proxies and 802.1x auth have been around for a while. Even my high school got off the "you must configure a proxy server in every application" train. IMO that is just poor IT.
I remember a few years ago, before Git had NTLM support (for proxies), I had to use all kinds of terrible hacks to get online. Recently, the proxy I'm behind for at least 8 hours a day has been changed to accept Basic and Negotiate, but I didn't realise that until I'd spent a not insignificant amount of time yelling at NPM.
Even if you do get online, don't forget to configure the MITM CA cert!
Next up, apps that try to execute from %LOCALAPPDATA% (Squirrel installers). This is blocked by most AppLocker configs.
