diff --git a/release.sh b/release.sh
index 112da9790..e8f7f06c3 100755
--- a/release.sh
+++ b/release.sh
@@ -10,7 +10,7 @@
 #   npm; typically installed by Node.js
 #   yarn; install via brew (macOS) or similar (https://yarnpkg.com/docs/install/)
 #
-# Note: this script is also used to release matrix-react-sdk and riot-web.
+# Note: this script is also used to release matrix-react-sdk and element-web.
 
 set -e
 
diff --git a/spec/integ/devicelist-integ-spec.js b/spec/integ/devicelist-integ-spec.js
index 039d541ff..ea3b28531 100644
--- a/spec/integ/devicelist-integ-spec.js
+++ b/spec/integ/devicelist-integ-spec.js
@@ -140,7 +140,7 @@ describe("DeviceList management:", function() {
 
     it("We should not get confused by out-of-order device query responses",
        () => {
-           // https://github.com/vector-im/riot-web/issues/3126
+           // https://github.com/vector-im/element-web/issues/3126
            aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
            return aliceTestClient.start().then(() => {
                aliceTestClient.httpBackend.when('GET', '/sync').respond(
@@ -271,7 +271,7 @@ describe("DeviceList management:", function() {
            });
        }).timeout(3000);
 
-    // https://github.com/vector-im/riot-web/issues/4983
+    // https://github.com/vector-im/element-web/issues/4983
     describe("Alice should know she has stale device lists", () => {
         beforeEach(async function() {
             await aliceTestClient.start();
diff --git a/spec/integ/megolm-integ.spec.js b/spec/integ/megolm-integ.spec.js
index 0befd7a7c..3249ed0f7 100644
--- a/spec/integ/megolm-integ.spec.js
+++ b/spec/integ/megolm-integ.spec.js
@@ -346,7 +346,7 @@ describe("megolm", function() {
     });
 
     it("Alice receives a megolm message before the session keys", function() {
-        // https://github.com/vector-im/riot-web/issues/2273
+        // https://github.com/vector-im/element-web/issues/2273
         let roomKeyEncrypted;
 
         return aliceTestClient.start().then(() => {
@@ -726,7 +726,7 @@ describe("megolm", function() {
         });
     });
 
-    // https://github.com/vector-im/riot-web/issues/2676
+    // https://github.com/vector-im/element-web/issues/2676
     it("Alice should send to her other devices", function() {
         // for this test, we make the testOlmAccount be another of Alice's devices.
         // it ought to get included in messages Alice sends.
diff --git a/src/base-apis.js b/src/base-apis.js
index 4b6a77b64..2b7ccd5bc 100644
--- a/src/base-apis.js
+++ b/src/base-apis.js
@@ -66,7 +66,7 @@ function termsUrlForService(serviceType, baseUrl) {
  * callback that returns a Promise<String> of an identity access token to supply
  * with identity requests. If the object is unset, no access token will be
  * supplied.
- * See also https://github.com/vector-im/riot-web/issues/10615 which seeks to
+ * See also https://github.com/vector-im/element-web/issues/10615 which seeks to
  * replace the previous approach of manual access tokens params with this
  * callback throughout the SDK.
  *
diff --git a/src/client.js b/src/client.js
index 507f1ca1e..7efa758e9 100644
--- a/src/client.js
+++ b/src/client.js
@@ -119,7 +119,7 @@ function keyFromRecoverySession(session, decryptionKey) {
  * callback that returns a Promise<String> of an identity access token to supply
  * with identity requests. If the object is unset, no access token will be
  * supplied.
- * See also https://github.com/vector-im/riot-web/issues/10615 which seeks to
+ * See also https://github.com/vector-im/element-web/issues/10615 which seeks to
  * replace the previous approach of manual access tokens params with this
  * callback throughout the SDK.
  *
@@ -380,7 +380,7 @@ export function MatrixClient(opts) {
             ? !!actions.tweaks.highlight : false;
         if (oldHighlight !== newHighlight || currentCount > 0) {
             // TODO: Handle mentions received while the client is offline
-            // See also https://github.com/vector-im/riot-web/issues/9069
+            // See also https://github.com/vector-im/element-web/issues/9069
             if (!room.hasUserReadEvent(this.getUserId(), event.getId())) {
                 let newCount = currentCount;
                 if (newHighlight && !oldHighlight) newCount++;
@@ -398,7 +398,7 @@ export function MatrixClient(opts) {
 
     // Like above, we have to listen for read receipts from ourselves in order to
     // correctly handle notification counts on encrypted rooms.
-    // This fixes https://github.com/vector-im/riot-web/issues/9421
+    // This fixes https://github.com/vector-im/element-web/issues/9421
     this.on("Room.receipt", (event, room) => {
         if (room && this.isRoomEncrypted(room.roomId)) {
             // Figure out if we've read something or if it's just informational
diff --git a/src/crypto/DeviceList.js b/src/crypto/DeviceList.js
index 5925f8adb..4a3e6f6dc 100644
--- a/src/crypto/DeviceList.js
+++ b/src/crypto/DeviceList.js
@@ -790,7 +790,7 @@ class DeviceListUpdateSerialiser {
 
             // yield to other things that want to execute in between users, to
             // avoid wedging the CPU
-            // (https://github.com/vector-im/riot-web/issues/3158)
+            // (https://github.com/vector-im/element-web/issues/3158)
             //
             // of course we ought to do this in a web worker or similar, but
             // this serves as an easy solution for now.
diff --git a/src/crypto/algorithms/megolm.js b/src/crypto/algorithms/megolm.js
index f3e276117..006a11010 100644
--- a/src/crypto/algorithms/megolm.js
+++ b/src/crypto/algorithms/megolm.js
@@ -1015,7 +1015,7 @@ MegolmEncryption.prototype._getDevicesInRoom = async function(room) {
     // with them, which means that they will have announced any new devices via
     // device_lists in their /sync response.  This cache should then be maintained
     // using all the device_lists changes and left fields.
-    // See https://github.com/vector-im/riot-web/issues/2305 for details.
+    // See https://github.com/vector-im/element-web/issues/2305 for details.
     const devices = await this._crypto.downloadKeys(roomMembers, false);
     const blocked = {};
     // remove any blocked devices
@@ -1109,7 +1109,7 @@ MegolmDecryption.prototype.decryptEvent = async function(event) {
     //
     // then, if the key turns up while decryption is in progress (and
     // decryption fails), we will schedule a retry.
-    // (fixes https://github.com/vector-im/riot-web/issues/5001)
+    // (fixes https://github.com/vector-im/element-web/issues/5001)
     this._addEventToPendingList(event);
 
     let res;
diff --git a/src/crypto/index.js b/src/crypto/index.js
index 0b08daf63..8347e6ad7 100644
--- a/src/crypto/index.js
+++ b/src/crypto/index.js
@@ -1403,7 +1403,7 @@ Crypto.prototype._checkAndStartKeyBackup = async function() {
             // uploaded to the new backup. This is a bit of a workaround to upload
             // keys to a new backup in *most* cases, but it won't cover all cases
             // because we don't remember what backup version we uploaded keys to:
-            // see https://github.com/vector-im/riot-web/issues/14833
+            // see https://github.com/vector-im/element-web/issues/14833
             await this.scheduleAllGroupSessionsForBackup();
         } else {
             logger.log("Backup version " + backupInfo.version + " still current");
@@ -2410,7 +2410,7 @@ Crypto.prototype.setRoomEncryption = async function(roomId, config, inhibitDevic
 
         await this.trackRoomDevices(roomId);
         // TODO: this flag is only not used from MatrixClient::setRoomEncryption
-        // which is never used (inside riot at least)
+        // which is never used (inside Element at least)
         // but didn't want to remove it as it technically would
         // be a breaking change.
         if (!this.inhibitDeviceQuery) {
@@ -2984,7 +2984,7 @@ Crypto.prototype.onSyncCompleted = async function(syncData) {
     // we don't start uploading one-time keys until we've caught up with
     // to-device messages, to help us avoid throwing away one-time-keys that we
     // are about to receive messages for
-    // (https://github.com/vector-im/riot-web/issues/2782).
+    // (https://github.com/vector-im/element-web/issues/2782).
     if (!syncData.catchingUp) {
         _maybeUploadOneTimeKeys(this);
         this._processReceivedRoomKeyRequests();
diff --git a/src/crypto/verification/Base.js b/src/crypto/verification/Base.js
index 0b6cf31db..cee4e0939 100644
--- a/src/crypto/verification/Base.js
+++ b/src/crypto/verification/Base.js
@@ -234,7 +234,7 @@ export class VerificationBase extends EventEmitter {
                 crossSigning.keys = original.keys;
 
                 // XXX: get all keys out if we get one key out
-                // https://github.com/vector-im/riot-web/issues/12604
+                // https://github.com/vector-im/element-web/issues/12604
                 // then change here to reject on the timeout
                 /* Requests can be ignored, so don't wait around forever */
                 const timeout = new Promise((resolve, reject) => {
diff --git a/src/models/event.js b/src/models/event.js
index 6b735f289..ef8fdb12c 100644
--- a/src/models/event.js
+++ b/src/models/event.js
@@ -87,7 +87,7 @@ export const MatrixEvent = function(
     // amount of needless string duplication. This can save moderate amounts of
     // memory (~10% on a 350MB heap).
     // 'membership' at the event level (rather than the content level) is a legacy
-    // field that Riot never otherwise looks at, but it will still take up a lot
+    // field that Element never otherwise looks at, but it will still take up a lot
     // of space if we don't intern it.
     ["state_key", "type", "sender", "room_id", "membership"].forEach((prop) => {
         if (!event[prop]) {