diff --git a/templates/gitlab-ci-gitleaks.yml b/templates/gitlab-ci-gitleaks.yml
index 563a81b321d019c4a831f2b3020753811c853a01..8cc0e3b5d6369c267cd420bbd5107de04e3dc6db 100644
--- a/templates/gitlab-ci-gitleaks.yml
+++ b/templates/gitlab-ci-gitleaks.yml
@@ -215,7 +215,7 @@ stages:
 # ENDSCRIPT
-# full analysis on master and develop branches
+# full analysis on main/master and develop branches
 gitleaks:
 image:
 name: $GITLEAKS_IMAGE
@@ -233,7 +233,17 @@ gitleaks:
 - install_gitleaks_rules
 - git config --global --add safe.directory "${CI_PROJECT_DIR}"
 script:
- - gitleaks git ${TRACE+--log-level debug} $gitleaks_rule_opts --report-path reports/gitleaks.native.json $GITLEAKS_ARGS .
+ - |
+ log_opts=""
+ if [[ "$CI_MERGE_REQUEST_DIFF_BASE_SHA" ]]
+ then
+ log_info "Merge Request only analysis (\\e[33;1m${CI_MERGE_REQUEST_DIFF_BASE_SHA}..${CI_COMMIT_SHA}\\e[0m)"
+ log_opts="${CI_MERGE_REQUEST_DIFF_BASE_SHA}..${CI_COMMIT_SHA}"
+ else
+ log_info "Full branch analysis (\\e[33;1m${CI_COMMIT_SHA}\\e[0m and ancestors)"
+ log_opts="${CI_COMMIT_SHA}"
+ fi
+ - gitleaks git ${TRACE+--log-level debug} $gitleaks_rule_opts --log-opts "$log_opts" --report-path reports/gitleaks.native.json $GITLEAKS_ARGS .
 artifacts:
 name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
 when: always
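Review bot: The merge-request branch of the new `script` block assumes `CI_MERGE_REQUEST_DIFF_BASE_SHA` is present in the job's clone, and nothing in the hunk checks that before building the `base..head` range. On a shallow clone (the job's `GIT_DEPTH` is not visible here) the range cannot be resolved, and a secret scan that walked no commits is easy to mistake for a clean result, so it is worth confirming the job fails in that case. A small guard falls back to the wider scan when the base commit is missing: `if [[ "$CI_MERGE_REQUEST_DIFF_BASE_SHA" ]] && git cat-file -e "${CI_MERGE_REQUEST_DIFF_BASE_SHA}^{commit}" 2>/dev/null`. The header comment in the first hunk no longer matches the job either; something like `# scans only the merge request commit range in MR pipelines, otherwise the current commit and its ancestors` would state the actual coverage. The `gitleaks:` job starts before this hunk and continues after it.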