diff --git a/_service b/_service
index bc9e4e8..81bc332 100644
--- a/_service
+++ b/_service
@@ -4,7 +4,7 @@
     <param name="filename">gosec</param>
     <param name="url">https://github.com/securego/gosec.git</param>
     <param name="scm">git</param>
-    <param name="version">v2.19</param>
+    <param name="version">v2.20</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="versionrewrite-replacement">\1</param>
diff --git a/_servicedata b/_servicedata
index 7627b33..75e861f 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/securego/gosec.git</param>
-              <param name="changesrevision">d13d7dac9b7e2b40e86be5b830d297816376f1db</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">40f29c8d4abf59af475a79f6aa0268c296319501</param></service></servicedata>
\ No newline at end of file
diff --git a/gosec-2.19.0.obscpio b/gosec-2.19.0.obscpio
deleted file mode 100644
index a3b8360..0000000
--- a/gosec-2.19.0.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bcbf9622a434eef9ed08259fb87926a3b67a0252c356f32551c79fb8945367b8
-size 640524
diff --git a/gosec-2.20.0.obscpio b/gosec-2.20.0.obscpio
new file mode 100644
index 0000000..dc9ce6b
--- /dev/null
+++ b/gosec-2.20.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7078eb954f6862de1a0777dd13bb05b588d135dea2914a0ca6db1ffeff93fee4
+size 643084
diff --git a/gosec.changes b/gosec.changes
index 9550b6f..36cead2 100644
--- a/gosec.changes
+++ b/gosec.changes
@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Thu May 16 08:20:50 UTC 2024 - felix.niederwanger@suse.de
+
+- Update to version 2.20.0:
+  * Update docker image in action to v2.20.0
+  * Catch os.ModePerm permissions in os.WriteFile
+  * Add a unit test to detect the false negative in rule G306 for os.ModePerm permissions
+  * Add filepath.EvalSymlinks to clean functions in rule G304
+  * chore(deps): update all dependencies
+  * Update Go to version 2.22.3 in CI and release
+  * chore(deps): update module golang.org/x/text to v0.15.0
+  * chore(deps): update all dependencies
+  * chore(deps): update module github.com/onsi/gomega to v1.33.0
+  * Update to go 1.22.2
+  * chore(deps): update all dependencies
+  * chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1
+  * chore(deps): update all dependencies
+  * fix(helpers/goversion): get from go.mod
+  * chore: fix function name
+  * chore(deps): update all dependencies
+  * Format the imports using the gci tool
+  * Fixup: delete unused variable
+  * Fix test: update test to comply with the spec of generated sources
+  * Refactor: use standard function to check if a file is generated
+  * Fix lint warnings
+  * Add support for math/rand/v2 added in Go 1.22
+  * Skip the G601 tests for Go version 1.22
+  * Update go version to 1.22.1 and 1.21.8
+  * Ignore 'implicit memory aliasing' rule for Go 1.22+
+  * chore(deps): update all dependencies
+  * chore(deps): update module golang.org/x/tools to v0.18.0
+  * fix(hardcoded): remove duplicated `Stripe API Key`
+
 -------------------------------------------------------------------
 Tue Feb 13 07:48:54 UTC 2024 - felix.niederwanger@suse.de
 
diff --git a/gosec.obsinfo b/gosec.obsinfo
index 9325079..0a63c6a 100644
--- a/gosec.obsinfo
+++ b/gosec.obsinfo
@@ -1,4 +1,4 @@
 name: gosec
-version: 2.19.0
-mtime: 1707730297
-commit: d13d7dac9b7e2b40e86be5b830d297816376f1db
+version: 2.20.0
+mtime: 1715695036
+commit: 40f29c8d4abf59af475a79f6aa0268c296319501
diff --git a/gosec.spec b/gosec.spec
index 5f1a542..bea73a3 100644
--- a/gosec.spec
+++ b/gosec.spec
@@ -17,7 +17,7 @@
 
 
 Name:           gosec
-Version:        2.19.0
+Version:        2.20.0
 Release:        0
 Summary:        CLI tool to scan the Go AST and SSA code representations for security problems
 License:        Apache-2.0
diff --git a/vendor.tar.gz b/vendor.tar.gz
index c326b96..d2cede7 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b07f9598da59ce27c81e4b38ea7f04281275522b516ca1b7016e29c757e43174
-size 4185730
+oid sha256:6d7f9410d2dc2b0b81e58848221b1c01660b2a11142c3d982416d727584698e2
+size 4330350