My corporate network used a transparent https man-in-the-middle proxy. That is, transparent as long as you're using a Windows machine that has been configured by the help desk and using applications that utilize the Windows certificate store, which doesn't include git, pip, or npm.
If pip or npm used gpg signing of packages rather than https, this wouldn't be a big deal. But as it stands, it's a nightmare on various Windows systems, Linux boxen, and Docker images to get the code you need.
If pip or npm used gpg signing of packages rather than https, this wouldn't be a big deal. But as it stands, it's a nightmare on various Windows systems, Linux boxen, and Docker images to get the code you need.