diff --git a/.gitlab/sast-ruleset.toml b/.gitlab/sast-ruleset.toml
new file mode 100644
index 0000000000..5a1cd9e1c1
--- /dev/null
+++ b/.gitlab/sast-ruleset.toml
@@ -0,0 +1,25 @@
+[nodejs-scan]
+  description = "Custom njsscan ruleset"
+
+  [[nodejs-scan.passthrough]]
+    type = "raw"
+		value = '''
+---
+- nodejs-extensions:
+  - .js
+	- .mjs
+	- .cjs
+
+  ignore-paths:
+	- .git
+  - .config
+	- .gitlab
+	- .vscode
+	- ci
+  - custom
+	- dev
+	- docs
+	- locales
+	- node_modules
+	- target
+'''