Proxy Mode

Proxy Mode an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. It supports npm, PyPI, Maven, Go modules, RubyGems, Cargo, and NuGet registries.

Support Matrix

Ecosystem	Package Manager	HTTP	HTTPS
JavaScript/TypeScript	npm	✅	✅
JavaScript/TypeScript	yarn	✅	✅
JavaScript/TypeScript	pnpm	✅	✅
Python	uv	✅	✅
Python	pip	✅	✅
Python	Poetry	❌ ¹	❌ ¹
Rust	Cargo	✅	❌ ²
Go	Go Modules	✅	✅
Java/Scala/Kotlin	Maven	✅	❌ ³
Java/Scala/Kotlin	Gradle	✅	❌ ³
Ruby	gem	✅	❌ ⁴
Ruby	Bundler	✅	❌ ⁴
.NET	NuGet	✅	✅

Footnotes

Poetry has issues utilizing a proxy for package management requests. Poetry is not supported at this time. ↩ ↩²
Cargo has trouble interacting with a TLS-encrypted proxy. Traffic sent to and received by the remote registry will be encrypted, but initial per-request Socket Firewall config may be sent unencrypted. We recommend Cargo users to use the CLI wrapper or an on-prem HTTP service instance. ↩
Maven and Gradle rely on a HTTP library that does not support TLS for HTTP proxy connections (the Socket Firewall URL). However, HTTPS to the destination is supported. It is recommended to configure this for on-prem, where per-request Socket Firewall configuration can be sent unencrypted in the initial CONNECT without security concerns. ↩ ↩²
gem and Bundler rely on a HTTP library that does not support TLS for HTTP proxy connections (the Socket Firewall URL). However, HTTPS to the destination is supported. It is recommended to that Ruby users should interact with Socket Firewall through the CLI wrapper or via an on-prem service instance. ↩ ↩²