Pretense CLI
Every command, flag, and example. Grouped by category: Core scanning, Setup, Authentication, and Utility.
Command overview
| Command | Description | Group |
|---|---|---|
pretense scan | Scan files or directories for secrets and high-risk identifiers. | Core |
pretense scan ci | Full repository scan designed for CI pipelines. | Core |
pretense review | AI-powered code review that checks for security issues, mutation coverage gaps, and best practices. | Core |
pretense init | Initialize Pretense in the current repository. | Setup |
pretense install | Install Pretense git hooks into the current repository. | Setup |
pretense config list | Print the current resolved configuration as a table. | Setup |
pretense auth login | Authenticate with Pretense Cloud. | Auth |
pretense auth logout | Remove stored credentials from ~/. | Auth |
pretense auth status | Show current authentication status: logged-in user, team, plan tier, and credential expiry. | Auth |
pretense start | Start the Pretense proxy server. | Utility |
pretense status | Check whether the proxy is running, which port it is on, mutation count for the current session, and uptime. | Utility |
pretense update | Upgrade the Pretense CLI to the latest version. | Utility |
pretense logs | Stream or view the proxy request log. | Utility |
The primary scanning and review commands. These are the tools you use every day.
pretense scanScan files or directories for secrets and high-risk identifiers. Outputs a severity-sorted report. Does not mutate or modify any files.
Usage
pretense scan [path] [options]Example
pretense scan ./src --severity highOptions
--format <fmt>Output format: text (default), json, csv, sarif--severity <lvl>Minimum severity: low, medium, high, critical--output <file>Write results to file instead of stdout--no-colorDisable colored terminal outputpretense scan ciFull repository scan designed for CI pipelines. Scans all tracked files and produces machine-readable output.
Usage
pretense scan ci [options]Example
pretense scan ci --format sarif --output results.sarif --exit-codeOptions
--format <fmt>Output format: text, json, sarif, csv--output <file>Write results to file--severity <lvl>Minimum severity threshold--exit-codeExit with code 2 if findings match threshold--baseline <file>Ignore findings present in a baseline SARIF filepretense reviewAI-powered code review that checks for security issues, mutation coverage gaps, and best practices.
Usage
pretense review [path] [options]Example
pretense review ./src/auth.ts --jsonOptions
--plainPlain text output--jsonStructured JSON output for automation--agentRun in agent mode for interactive review sessionsCommands for initializing projects, installing hooks, and managing configuration.
pretense initInitialize Pretense in the current repository. Creates .pretense/ with config, scans the codebase, and builds an initial mutation profile.
Usage
pretense init [options]Example
cd my-project && pretense initOptions
--forceOverwrite existing .pretense/ config if present--skip-scanSkip the initial codebase scanpretense installInstall Pretense git hooks into the current repository. Sets up automatic scanning on every commit or push.
Usage
pretense install --mode <pre-commit|pre-push>Example
pretense install --mode pre-commitOptions
--mode <mode>Hook type: pre-commit (recommended) or pre-pushpretense config listPrint the current resolved configuration as a table.
Usage
pretense config listExample
pretense config listCommands for authenticating with Pretense Cloud (team dashboard, audit sync, remote policies).
pretense auth loginAuthenticate with Pretense Cloud. Opens a browser for OAuth or accepts an API key via --key.
Usage
pretense auth login [options]Example
pretense auth loginOptions
--key <api-key>Authenticate with an API key instead of browser OAuthpretense auth logoutRemove stored credentials from ~/.pretense/credentials.json.
Usage
pretense auth logoutExample
pretense auth logoutpretense auth statusShow current authentication status: logged-in user, team, plan tier, and credential expiry.
Usage
pretense auth statusExample
pretense auth statusMaintenance and informational commands.
pretense startStart the Pretense proxy server. Routes LLM API traffic through the mutation engine.
Usage
pretense start [options]Example
pretense start --port 9339Options
--port <n>Port to listen on (default: 9339)--backgroundRun proxy as a background daemon--watchReload config on .pretense.yaml changespretense statusCheck whether the proxy is running, which port it is on, mutation count for the current session, and uptime.
Usage
pretense statusExample
pretense statuspretense updateUpgrade the Pretense CLI to the latest version. Preserves your configuration and audit database.
Usage
pretense update [options]Example
pretense updatepretense logsStream or view the proxy request log.
Usage
pretense logs [options]Example
pretense logs --tail 50Options
--tail <n>Show last N log entries (default: 100)--followStream new log entries in real-time--format <fmt>Output format: text (default), json, ndjsonGlobal flags
These flags work with every command and must be placed before the subcommand name.
| Flag | Short | Description |
|---|---|---|
--verbose | -v | Enable verbose logging. |
--config <path> | -c | Path to a config file other than .pretense.yaml. |
--api-key <key> | -k | Pretense API key. Can also be set via PRETENSE_API_KEY env var. |
--json | -j | Output all command results as machine-readable JSON. |
--no-color | -- | Disable colored terminal output. |
Exit codes
All commands follow standard Unix exit code conventions.
| Code | Meaning |
|---|---|
0 | Success — command completed without errors |
1 | General error — see stderr for details |
2 | Secrets detected — scan found findings above threshold |
3 | Config error — .pretense.yaml is missing or invalid |
4 | Proxy already running — pretense start called while proxy is active |
5 | Auth error — invalid or missing API key for cloud features |
Shell completion
Pretense ships tab completion for bash, zsh, and fish. Run the appropriate command once to enable it.
zsh
pretense completion zsh >> ~/.zshrc && source ~/.zshrcbash
pretense completion bash >> ~/.bashrc && source ~/.bashrcfish
pretense completion fish > ~/.config/fish/completions/pretense.fishNext steps
CLI mastered. Here is where to go deeper.