diff --git a/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md b/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md
new file mode 100644
index 00000000000..b14354ba0a0
--- /dev/null
+++ b/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File file)` instead.
diff --git a/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md b/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md
new file mode 100644
index 00000000000..fbf24383c19
--- /dev/null
+++ b/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts.