Pretense v0.2.0: Everything We Added in the Last 90 Days
From a single CLI package to a 17-package monorepo with a VS Code extension, GitHub Action, MCP server, and dashboard. Here is what changed and what we learned.
What's New in v0.2.0
Ninety days ago, Pretense was a CLI proxy and a mutation engine. Today it is a platform. Here is what changed.
**CLI v0.2.0.** The command-line interface now supports Anthropic, OpenAI, and Google Gemini in a single proxy. We rewrote the streaming handler to support real-time streaming responses, which was the top request from early users. We added a pretense audit --export=csv command for compliance teams who need to produce SOC2 evidence packages.
**MCP server.** Pretense ships a Model Context Protocol server that integrates directly with Claude Code. When the MCP server is active, Claude Code calls pretense_scan before processing any tool result containing code. This provides protection at the Claude Code application layer, in addition to the network proxy layer. Two layers is better than one.
**VS Code extension.** A status bar indicator shows real-time mutation activity. The command palette includes Pretense: Scan Current File, Pretense: View Mutation Map, and Pretense: Start Proxy. Developers want to see protection status in their editor, not in a separate terminal.
**GitHub Action.** The pretense-scan Action runs in CI and blocks merges when it detects unprotected LLM API calls in CI pipelines. This extends protection from individual developer machines to team-wide CI/CD.
**Dashboard.** A Next.js 15 dashboard with Tailwind CSS and shadcn/ui components. It shows mutation activity across the team, session history, secret detection events, and compliance metrics.
**Enterprise features.** SSO configuration (SAML, BoxyHQ), team-level mutation policies, centralized audit log, and role-based access for the dashboard.
The Numbers
| Metric | Value |
|---|---|
| Total packages | 17 |
| Lines of code | 47,000+ |
| Test coverage | 90%+ |
| CI jobs | 8 |
| Pages (web + dashboard) | 25+ |
| Providers supported | 3 (Anthropic, OpenAI, Google) |
| Languages scanned | 5 (TS, JS, Python, Go, Java) |
The 17 packages are: scanner, mutator, output-scanner, rag-guard, risk-engine, agent-guard, learner, alerting, billing, ci-gate, compliance-reporter, mcp-server, siem, sso, store, tenants, and tls. Each package is independently testable and versioned.
The 8 CI jobs are: lint, type-check, unit tests (Node 20), unit tests (Node 22), E2E tests, web build, dashboard build, and security scan.
The Hardest Technical Problem We Solved
Next.js incremental type generation in a monorepo with circular type dependencies.
The dashboard imports types from @pretense/risk-engine, which imports types from @pretense/scanner, which is also imported by @pretense/mutator, which is imported by the proxy. When Next.js runs tsc to generate .d.ts files incrementally, if any package in the chain has not generated its .d.ts files yet, the downstream package fails type checking with "Cannot find module or its corresponding type declarations."
The fix we settled on: a two-pass build. The first pass generates .d.ts files for all packages using tsc --emitDeclarationOnly with the --incremental flag. The second pass runs the Next.js build, which can now resolve all types. The overall build time is 40% faster than the naive approach and produces correct type resolution on every run.
This is documented in turbo.json under the build pipeline. If you are building a similar monorepo with Next.js, the two-pass pattern is the approach that works.
What We Learned From Early Users
Three signals came through clearly across the first hundred users.
**Developers want zero workflow change.** The most common feedback was that pretense start required a terminal to stay open. We added a pretense start --daemon flag that starts the proxy as a background process. Users can now set ANTHROPIC_BASE_URL permanently in their shell profile and forget about the proxy. The lesson: any friction in the protection setup is too much friction.
**CISOs want audit trails, not just protection.** Early enterprise evaluators were not primarily interested in the mutation capability. They were interested in the audit log. The question was: if my developer uses an AI tool today, can I produce a record of what they sent in six months? The lesson: enterprise buyers care about accountability before they care about prevention. Build the audit trail first.
**Enterprises want SSO.** Every enterprise evaluation, without exception, asked about SSO within the first two meetings. SSO is a procurement gate, not a feature. We prioritized BoxyHQ SAML integration earlier in the roadmap than originally planned, specifically because of this signal.
Roadmap for v0.3.0
**On-prem deployment.** Full Pretense deployment within your network, no Pretense infrastructure in the data path. Designed for organizations that cannot route any data through cloud infrastructure.
**Custom ML risk scoring.** The next version adds a learner module that builds a risk model from your mutation history. The model learns what is actually sensitive in your codebase, not just what matches a generic pattern.
**SIEM integration.** CEF, LEEF, and JSON event formats for Splunk, Microsoft Sentinel, and Elastic. This makes Pretense a source of security telemetry in your existing security operations workflow.
**Custom mutation rules.** Per-file, per-directory, and per-pattern mutation configuration. For example: always mutate identifiers in src/core/, never mutate identifiers that match _internal*, and treat files matching *.schema.ts as especially sensitive.
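The three example rules can overlap, for instance an `_internal*` identifier that lives in src/core/. The following is an added example, not Pretense code or its configuration schema: the rule format, the `decide` function, and the precedence (always-mutate wins, because mutation is the protective action) are assumptions made for illustration.

```javascript
// Added illustration: a hypothetical rule format, not Pretense's configuration schema.
// Assumed precedence: "always" beats "never", because mutation is the protective action.
const RULES = [
  { scope: "dir", match: "src/core/", action: "always" },
  { scope: "identifier", match: "_internal*", action: "never" },
  { scope: "file", match: "*.schema.ts", action: "sensitive" },
];

// Resolve ".", ".." and backslashes so "src/core/../legacy/a.ts" is not
// treated as part of src/core/. Paths are assumed to be project-relative.
function normalizePath(p) {
  const out = [];
  for (const seg of p.split(/[\\/]+/)) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") out.pop();
    else out.push(seg);
  }
  return out.join("/");
}

// "*" matches any run of characters; everything else is literal.
function globToRegExp(glob) {
  const escaped = glob.replace(/[.+^${}()|[\]\\?]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*") + "$");
}

function decide(filePath, identifier, rules = RULES) {
  const path = normalizePath(filePath);
  const base = path.slice(path.lastIndexOf("/") + 1);
  const actions = new Set();
  for (const r of rules) {
    const hit =
      (r.scope === "dir" && path.startsWith(r.match)) ||
      (r.scope === "file" && globToRegExp(r.match).test(base)) ||
      (r.scope === "identifier" && globToRegExp(r.match).test(identifier));
    if (hit) actions.add(r.action);
  }
  const conflict = actions.has("always") && actions.has("never");
  const mutate = actions.has("always") ? "always"
    : actions.has("never") ? "never" : "default";
  // Surface conflicts so a policy author can see where two rules overlap.
  return { mutate, sensitive: actions.has("sensitive"), conflict };
}

// Constructed inputs: the overlap between the src/core/ and _internal* rules.
console.log(decide("src/core/auth.ts", "_internalCache"));
console.log(decide("src/core/../legacy/a.ts", "_internalCache"));
```

A `conflict: true` result marks a spot where two rules overlap and the policy author should state which one is intended to win.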
Try v0.2.0 Today
```bash
npm install -g pretense
cd your-project
pretense init
pretense start --daemon
export ANTHROPIC_BASE_URL=http://localhost:9339
```

The proxy starts as a background process, your AI tool routes through it, and you get an audit trail without thinking about it again.
[Get early access to Pro features](/early-access)