diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
new file mode 100644
index 00000000..0b90158e
--- /dev/null
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,8 @@
+name: "VIPER CodeQL config"
+
+queries:
+  - uses: security-and-quality
+
+paths-ignore:
+  - "**/obj/**"
+  - "**/bin/**"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index dbb0bed2..4d5caa6e 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -47,7 +47,7 @@ jobs:
       uses: github/codeql-action/init@v4.35.2
       with:
         languages: ${{ matrix.language }}
-        queries: security-and-quality
+        config-file: ./.github/codeql/codeql-config.yml
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)