diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index be49d069c0c..871bb2e1a9d 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -127,7 +127,7 @@ No user-facing changes.
   The query is not run by default.
 * A new query `js/file-system-race` has been added. The query detects when there is time between a file being checked and used. The query is not run by default.
 * A new query `js/jwt-missing-verification` has been added. The query detects applications that don't verify JWT tokens.
-* The `js/insecure-dependency` query has been added. It detects depedencies that are downloaded using an unencrypted connection.
+* The `js/insecure-dependency` query has been added. It detects dependencies that are downloaded using an unencrypted connection.
 
 ## 0.0.9
 
diff --git a/javascript/ql/src/change-notes/released/0.0.10.md b/javascript/ql/src/change-notes/released/0.0.10.md
index 029d450716f..4804cf9e0b0 100644
--- a/javascript/ql/src/change-notes/released/0.0.10.md
+++ b/javascript/ql/src/change-notes/released/0.0.10.md
@@ -6,4 +6,4 @@
   The query is not run by default.
 * A new query `js/file-system-race` has been added. The query detects when there is time between a file being checked and used. The query is not run by default.
 * A new query `js/jwt-missing-verification` has been added. The query detects applications that don't verify JWT tokens.
-* The `js/insecure-dependency` query has been added. It detects depedencies that are downloaded using an unencrypted connection.
+* The `js/insecure-dependency` query has been added. It detects dependencies that are downloaded using an unencrypted connection.