diff --git a/_service b/_service
index c911dcd..465ac08 100644
--- a/_service
+++ b/_service
@@ -3,7 +3,7 @@
https://github.com/anchore/syft
git
.git
- v0.73.0
+ v0.74.0
@PARENT_TAG@
enable
v(.*)
@@ -16,6 +16,6 @@
gz
- syft-0.73.0.tar.gz
+ syft-0.74.0.tar.gz
diff --git a/_servicedata b/_servicedata
index 2cf761f..7d023e9 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
https://github.com/anchore/syft
- aa151da5fe2a1b11502c852fd2d3ad462c1d245f
\ No newline at end of file
+ 5f90d0371873faf5eb8f2e748909b32294be6263
\ No newline at end of file
diff --git a/syft-0.73.0.tar.gz b/syft-0.73.0.tar.gz
deleted file mode 100644
index 785b86e..0000000
--- a/syft-0.73.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:61500b55da57b6cb3ed67c5ad4bda81e258389cfe5b2109b2cb8432f4becfd3e
-size 5490617
diff --git a/syft-0.74.0.tar.gz b/syft-0.74.0.tar.gz
new file mode 100644
index 0000000..eac652d
--- /dev/null
+++ b/syft-0.74.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d8ff6c62a1701124900b9a65ed0a609dbcb48d711ebcc24daa132f4d74d7b940
+size 5511052
diff --git a/syft.changes b/syft.changes
index 966651a..58bbacf 100644
--- a/syft.changes
+++ b/syft.changes
@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Fri Mar 03 05:40:08 UTC 2023 - kastl@b1-systems.de
+
+- Update to version 0.74.0:
+ * fix: possible race condition (#1639)
+ * fix: remove APK OriginPackage cpe candidates (#1637)
+ * fix: rebar lock file decoding panic (#1628)
+ * fix: handle individual cataloger panics (#1636)
+ * fix: apk product/vendor generation for old metadata (#1635)
+ * feat: rust toolchain binary cataloger (#1601)
+ * feat: retain go package info when no module declared (#1632)
+ * fix: improved CPE-generation for several more APK packages
+ (#1631)
+ * chore: update deprecated release flag (#1629)
+ * chore(deps): bump actions/upload-artifact from 2 to 3 (#1627)
+ * feat: add support for SUPPORT_END in /etc/os-release (#1612)
+ * fix: further improvements to CPE generation for apk packages
+ (#1623)
+ * chore(deps): bump github.com/stretchr/testify from 1.8.1 to
+ 1.8.2 (#1625)
+ * chore(deps): bump actions/checkout from 2 to 3 (#1626)
+ * feat: set cosign attest predicate type based on Syft output
+ type (#1598)
+ * chore(deps): bump github.com/spf13/afero from 1.9.3 to 1.9.4
+ (#1609)
+ * fix: correct apk purls for other distros (#1620)
+ * refactor: move apk upstream logic to apk metadata (#1619)
+ * fix: decoding null apk metadata pullDependencies (#1614)
+ * feat: haproxy binary matcher (#1591)
+ * fix: determine upstream for apk version streams (#1610)
+ * fix: improve CPE generation for curl APK (#1608)
+ * Revert "add workaround for macos github actions cache issue
+ (#1584)" (#1605)
+
-------------------------------------------------------------------
Thu Feb 23 10:37:37 UTC 2023 - kastl@b1-systems.de
diff --git a/syft.spec b/syft.spec
index 6e04d53..a31f652 100644
--- a/syft.spec
+++ b/syft.spec
@@ -19,7 +19,7 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: syft
-Version: 0.73.0
+Version: 0.74.0
Release: 0
Summary: CLI tool and library for generating a Software Bill of Materials
License: Apache-2.0
diff --git a/vendor.tar.gz b/vendor.tar.gz
index 012482c..b18b24a 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:fb92b8201d830eec4f324b8b5ab54b84a316780ef48c604d7efefcf91dec9f23
-size 41285392
+oid sha256:3991ae3a0b50c63a8f88dc247e5bfdb71d6674045ed0454df5c13a142c945896
+size 40672322