diff --git a/.gitlab/merge_request_templates/new_feature.md b/.gitlab/merge_request_templates/new_feature.md
index 74abae94c94dc0768bb5c51fe51ad253fce113fe..491b7f98ded7e0da03d18c95978eafcb7d86619f 100644
--- a/.gitlab/merge_request_templates/new_feature.md
+++ b/.gitlab/merge_request_templates/new_feature.md
@@ -8,8 +8,8 @@ Closes #999
 ## Checklist
 
 * General:
-    * [ ] use [rules](https://docs.gitlab.com/ee/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ee/ci/yaml/#onlyexcept-advanced)
-    * [ ] optimized [cache](https://docs.gitlab.com/ee/ci/caching/) configuration (wherever applicable)
+    * [ ] use [rules](https://docs.gitlab.com/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ci/yaml/#onlyexcept-advanced)
+    * [ ] optimized [cache](https://docs.gitlab.com/ci/caching/) configuration (wherever applicable)
 * Publicly usable:
     * [ ] untagged runners
     * [ ] no proxy configuration but support `http_proxy`/`https_proxy`/`no_proxy`
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 46805fa9703bdb305a42b9778e2ff0cbf6ed0384..6943b626f2af6379d59a206221876a77a9d3b74e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,11 @@
-# [2.7.0](https://git.code.tecnalia.dev/smartdatalab/public/ci-cd-components/gitleaks/compare/2.6.1...2.7.0) (2025-01-29)
+## [2.7.1](https://gitlab.com/to-be-continuous/gitleaks/compare/2.7.0...2.7.1) (2025-04-02)
+
+
+### Bug Fixes
+
+* analyse branch or MR commits only ([0ed44f1](https://gitlab.com/to-be-continuous/gitleaks/commit/0ed44f1c596e840cacc79f072e265714cd503a21))
+
+# [2.7.0](https://gitlab.com/to-be-continuous/gitleaks/compare/2.6.1...2.7.0) (2025-01-27)
 
 
 ### Features
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 4aacd2a081ad9db795dc2ec4558afd502bd2e8cb..1285f81c6f52eb8c10f21f1551470055417ab0fe 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -61,7 +61,7 @@ To contribute:
 
 1. Create an issue describing the bug or enhancement you want to propose (select the right issue template).
 2. Make sure the issue has been reviewed and agreed.
-3. Create a Merge Request, from your **own** fork (see [forking workflow](https://docs.gitlab.com/ee/user/project/repository/forking_workflow.html) documentation).
+3. Create a Merge Request, from your **own** fork (see [forking workflow](https://docs.gitlab.com/user/project/repository/forking_workflow/) documentation).
    Don't hesitate to mark your MR as `Draft` as long as you think it's not ready to be reviewed.
 
 ### Git Commit Conventions
diff --git a/README.md b/README.md
index 85efdc9e8cc6e56a63a3b5410f13f8f13e49aad8..72dc2bc2781a88c6d37a5a03f55746315384a31d 100644
--- a/README.md
+++ b/README.md
@@ -3,14 +3,14 @@
 This project implements a GitLab CI/CD template to detect and prevent hardcoded secrets in your 
 Git repository with [Gitleaks](https://github.com/zricethezav/gitleaks/wiki).
 
-When run on the master branch, Gitleaks will audit all commits from all branches.
+When run on merge requests, Gitleaks will run a quick analysis of added commits (i.e. the diff).
 
-When run on other branches, Gitleaks will run a quick analysis on the current branch.
+When run on branches, Gitleaks will run an analysis of all commits in the branch.
 
 ## Usage
 
-This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component) 
-or using the legacy [`include:project`](https://docs.gitlab.com/ee/ci/yaml/index.html#includeproject) syntax.
+This template can be used both as a [CI/CD component](https://docs.gitlab.com/ci/components/#use-a-component) 
+or using the legacy [`include:project`](https://docs.gitlab.com/ci/yaml/#includeproject) syntax.
 
 ### Use as a CI/CD component
 
@@ -19,7 +19,7 @@ Add the following to your `.gitlab-ci.yml`:
 ```yaml
 include:
   # 1: include the component
-  - component: $CI_SERVER_FQDN/to-be-continuous/gitleaks/gitlab-ci-gitleaks@2.7.0
+  - component: $CI_SERVER_FQDN/to-be-continuous/gitleaks/gitlab-ci-gitleaks@2.7.1
     # 2: set/override component inputs
     inputs:
       args: "--no-banner" # ⚠ this is only an example
@@ -33,7 +33,7 @@ Add the following to your `.gitlab-ci.yml`:
 include:
   # 1: include the template
   - project: 'to-be-continuous/gitleaks'
-    ref: '2.7.0'
+    ref: '2.7.1'
     file: '/templates/gitlab-ci-gitleaks.yml'
 
 variables:
@@ -48,7 +48,7 @@ They use the following configuration.
 
 | Input / Variable | Description                            | Default value     |
 | --------------------- | -------------------------------------- | ----------------- |
-| `image` / `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks  | `registry.hub.docker.com/zricethezav/gitleaks:latest` |
+| `image` / `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks  | `registry.hub.docker.com/zricethezav/gitleaks:latest` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-GITLEAKS_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-GITLEAKS_IMAGE) |
 | `rules` / `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks#configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project). | _none_ (uses default rules) |
 | `args` / `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | `--verbose` |
 | `gitleaks-job-tags` / `GITLEAKS_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
@@ -59,4 +59,7 @@ Here is how this GitLab CI template chooses the Gitleaks rules to use:
 
 1. It first looks for a `.gitleaks.toml` file at the root of your project repository.
 2. If not found, it uses the `.toml` file specified with the `$GITLEAKS_RULES` variable.
-3. If not specified, [default Gitleaks rules] (https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml) are used.
+3. If not specified, [default Gitleaks rules](https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml) are used.
+
+
+Your Gitleaks rule file can extend the default rules by using `[extend]` + `useDefault = true` as explained in the [Gitleaks documentation](https://github.com/gitleaks/gitleaks/blob/master/README.md#configuration)
diff --git a/templates/gitlab-ci-gitleaks.yml b/templates/gitlab-ci-gitleaks.yml
index c6006f484a3ec93e5335a6bbcc35743598f97403..8c1b06179eb1e81fa96ee1e3762ff437c9cbab83 100644
--- a/templates/gitlab-ci-gitleaks.yml
+++ b/templates/gitlab-ci-gitleaks.yml
@@ -220,14 +220,14 @@ stages:
 
   # ENDSCRIPT
 
-# full analysis on master and develop branches
+# full analysis on main/master and develop branches
 gitleaks:
   image:
     name: $GITLEAKS_IMAGE
     entrypoint: [""]
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "gitleaks", "2.7.0"]
+      command: ["--service", "gitleaks", "2.7.1"]
   stage: test
   needs: []
   variables:
@@ -238,7 +238,17 @@ gitleaks:
     - install_gitleaks_rules
     - git config --global --add safe.directory "${CI_PROJECT_DIR}"
   script:
-    - gitleaks git ${TRACE+--log-level debug} $gitleaks_rule_opts --report-path reports/gitleaks.native.json $GITLEAKS_ARGS .
+    - |
+      log_opts=""
+      if [[ "$CI_MERGE_REQUEST_DIFF_BASE_SHA" ]]
+      then
+        log_info "Merge Request only analysis (\\e[33;1m${CI_MERGE_REQUEST_DIFF_BASE_SHA}..${CI_COMMIT_SHA}\\e[0m)"
+        log_opts="${CI_MERGE_REQUEST_DIFF_BASE_SHA}..${CI_COMMIT_SHA}"
+      else
+        log_info "Full branch analysis (\\e[33;1m${CI_COMMIT_SHA}\\e[0m and ancestors)"
+        log_opts="${CI_COMMIT_SHA}"
+      fi
+    - gitleaks git ${TRACE+--log-level debug} $gitleaks_rule_opts --log-opts "$log_opts" --report-path reports/gitleaks.native.json $GITLEAKS_ARGS .
   artifacts:
     name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
     when: always