bump charts for 2026.5.20

[derek-etherton-opslevel]

Already on helm-unstable and deployed internally.

2026.5.20 - 2026-05-20

Bugfix

• Fix alignment of user icons on Teams Tree view.
• Fix Code Issue filter dropdown options being truncated.
• Reduce duplicative check runs when a component is associated to the same repository at multiple paths.
• Begin skipping SBOM generation for inactive repositories.
• Fix Scorecard components CSV export being empty.
• Improvements to opslevel.yml sync error handling.
• Allow 'none' as a github issue category.
• Fix date overlaps and bucketing inconsistencies on historical reporting charts.
• Begin rejecting webhooks for invalidated Github repositories.
• Fixed 'not equal' custom property filter predicates not saving.
• Fix population of 'Engine Version' and 'Availability Zone' for AWS integration Elasticaches.
• Better handle 404 errors when syncing GitHub team members.
• Fix ADO logo not showing up in detected components.
• Improved Bitbucket error handling, and began invalidating Bitbucket integrations if workspace no longer exists.
• Fixed handling of unusual file paths in repo checks, e.g. paths with spaces.
• Fixed inconsistent icons on Detected Components page.
• Fixed AWS MSK engine_version mapping.
• Fixed Microsoft Teams admin-approval consent workflow.
• Fixed Gitlab self-hosted repository alias generation, and backfill correct values for existing records.
• Made several performance improvements to filter predicate loading.
• Fixed matching of Snyk projects to repositories, where Snyk projects would sometimes include the branch name.

Feature

• Update user status display to a dot, shown on Users list and Team Members list.
• Add component type icons and colors to Type dropdown values in filters.
• Added a new drawer for viewing expanded deploy details.
• Enhance filter check links back to check source (Rubric, Campaign).
• Add public onCalls field to Service GraphQL type.
• Add configurable Datadog tag keys to monitor.
• Begin surfacing webhook errors on the Repository page.
• Surface public 'category' arg on componentType mutations.
• Render response messages from template runs.
• Show Jira rate limit errors in the UI.
• Stopped displaying hidden properties in the Register Component form.
• Added tokenOwner union field to ApiToken type in GraphQL, and deprecated owner field.
• Set audit actor when inactivating integrations.
• Improved Actions page layout and added a "Show inaccessible actions" control.
• Added integration name and link to detected components from custom integration events.
• Expand C# and .NET component detection rules.
• Added component_type as a liquid variable for use in actions.
• Add Google Cloud Function type for GCP integrations.
• Added a "Copy Identifier" button to Custom Integrations.
• Added support to paginate API Docs Search Results.
• Added a configurable minimum maturity level threshold for service level change notifications.
• Removed BigQuery Table and Bigtable Table from GCP Integration mapping to prevent catalog bloat and churn.
• Begin allowing teams to have multiple contact channels with the same address, as long as they have different display_name values.
• Users can create components of a specific type using templates.
• Upgrade Ruby 3.3.10 (patch release)
• Add support for JQ filtering on properties for relationship checks
• Add UI editing for system relationship management rules with field locking when rules exist
• Creating and deleting relationships now requires update permissions for at least one of the items in the relationship.
• Added the ability to rotate webhook url for event and custom integrations
• Added LuaRocks, opam, and OTP as supported package manager types

Requirement

• Upgraded to Node 22.x
• Upgrade syft sbom generation tooling to version 1.43.0
• Upgrade to Sidekiq 8 which requires Redis 7.0+

Security

• Greatly expanded dependency version pinning to increase resillience against supply chain attacks.
• Upgrade to Rails 7.2.3.1