
Thanks for the insights. Have you seen any good practice (tips) on how 'security mechanisms for development' could actually help security teams and developers work smoothly, instead of being the reason for conflict?



I think the most trivial mechanism is to have your own subnet for developers that maybe has fewer restrictions. Not really a DMZ, but perhaps skip deep package inspections. Most tools can be configured to allow self-signed certs, but it is still a lot of hassle, especially for test systems. In exchange the dev subnet should only have restricted access to the rest of the internal network. But lacking convenience here is preferable to not being able to download some dependencies.



