diff --git a/proxy/Dockerfile b/proxy/Dockerfile
index 42b355019..e5dad7228 100644
--- a/proxy/Dockerfile
+++ b/proxy/Dockerfile
@@ -1,4 +1,4 @@
-ARG GOMPLATE_VERSION=v4.3.3
+ARG GOMPLATE_VERSION=v5.0.0
 
 
 # Use a named build stage for gomplate
diff --git a/sync/Dockerfile b/sync/Dockerfile
index 033e90fb6..7e0769996 100644
--- a/sync/Dockerfile
+++ b/sync/Dockerfile
@@ -7,7 +7,7 @@ RUN apt-get update && \
 # Install yq from the official Docker image
 COPY --from=mikefarah/yq /usr/bin/yq /usr/bin/
 
-ARG HELM_VERSION=v3.19.0
+ARG HELM_VERSION=v3.20.1
 RUN set -ex; \
     OS_ARCH="$(uname -m)"; \
     case "$OS_ARCH" in \
diff --git a/sync/zenith/sync/config.py b/sync/zenith/sync/config.py
index 2c5b02228..2e343ba4a 100644
--- a/sync/zenith/sync/config.py
+++ b/sync/zenith/sync/config.py
@@ -97,7 +97,7 @@ class OIDCConfig(Section):
     oauth2_proxy_cookie_secret_template: NonEmptyString = "oidc-cookie-{service_name}"
     #: The query parameters that are passed to the IDP in the authorize request
     #: For example, Keycloak allows a kc_idp_hint parameter that can be used to
-    #: pre-select an identity provider
+    #: preselect an identity provider
     #: See https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/alpha-config#loginurlparameter
     forwarded_query_params: list[ForwardedQueryParam] = Field(default_factory=list)
     #: The headers to inject into the request from claims in the ID token