diff --git a/_service b/_service
index 4029343..2cd43e7 100644
--- a/_service
+++ b/_service
@@ -1,14 +1,14 @@
-
+
https://github.com/anchore/syft
git
.git
- v0.86.1
+ v0.89.0
@PARENT_TAG@
enable
v(.*)
-
+
syft
@@ -16,6 +16,6 @@
*.tar
gz
-
+
diff --git a/_servicedata b/_servicedata
index f04dd21..7a8b333 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
https://github.com/anchore/syft
- e2f7befbfbf88053dfb2007c6499a4bb2d232c3c
\ No newline at end of file
+ b454160549bbd199e0a5693750856f30b41767f7
\ No newline at end of file
diff --git a/syft-0.86.1.obscpio b/syft-0.86.1.obscpio
deleted file mode 100644
index c6ad7d6..0000000
--- a/syft-0.86.1.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5c4dfbc5da0682d8801737df954430bc91ade107cff738777dbfe344c68b2b4c
-size 21723149
diff --git a/syft-0.89.0.obscpio b/syft-0.89.0.obscpio
new file mode 100644
index 0000000..8a3768d
--- /dev/null
+++ b/syft-0.89.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d1bbe8b228d347d7996d6d01fefe6d76863fdfcbbde7d142314631750ebee541
+size 21819405
diff --git a/syft.changes b/syft.changes
index 1f80bb3..4d08ff1 100644
--- a/syft.changes
+++ b/syft.changes
@@ -1,3 +1,93 @@
+-------------------------------------------------------------------
+Tue Sep 05 14:57:48 UTC 2023 - kastl@b1-systems.de
+
+- Update to version 0.89.0:
+ * tidy gomod and gitignore (#2082)
+ * fix quiet flag (#2081)
+ * fix: in some cases, try to use pom info to guess name and
+ version to top level jar (#2080)
+ * fix: don't panic on universal go binaries (#2078)
+ * chore: update CLI to CLIO (#2001)
+ * Add registry certificate verification support (#1734)
+ * fix: CPE generation for django (#2068)
+
+-------------------------------------------------------------------
+Tue Sep 05 14:54:29 UTC 2023 - kastl@b1-systems.de
+
+- Update to version 0.88.0:
+ * chore: update quill to the latest version (#2065)
+ * fix: duplicate entries in cyclonedx dependency list (#2063)
+ * Fix panic in pom parsing (#2064)
+ * Fix: don't validate pom declared group (#2054)
+ * chore: trace log pom property reflect usage (#2059)
+ * fix: do not double-prefix symlink paths that already contain
+ volume names (#2051)
+ * feat: add bash classifier (#2055)
+ * Detect golang boring crypto and fipsonly modules (#2021)
+ * fix: properly parse conan ref and include user and channel
+ (#2034)
+ * chore(deps): bump github.com/charmbracelet/lipgloss from 0.7.1
+ to 0.8.0 (#2053)
+ * Enable reading non-utf-8 encodings for java pom.xml files
+ (#2047)
+ * feat: 1944 - update purl generation to use a consistent groupID
+ (#2033)
+ * chore(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1
+ (#2049)
+ * chore(deps): update bootstrap tools to latest versions (#2048)
+ * chore(deps): bump github.com/jinzhu/copier from 0.3.5 to 0.4.0
+ (#2045)
+ * chore(deps): update CPE dictionary index (#2043)
+ * fill out new version notice (#2042)
+
+-------------------------------------------------------------------
+Tue Sep 05 14:49:59 UTC 2023 - kastl@b1-systems.de
+
+- Update to version 0.87.1:
+ * feat: use java package names to determine known groupids
+ (#2032)
+ * fix: inconsistent removal of binaries by overlap (#2036)
+ * fix: CycloneDX relationships not output or decoded properly
+ (#1974)
+ * chore: restore cataloger.DefaultConfig (#2028)
+
+-------------------------------------------------------------------
+Tue Sep 05 14:31:00 UTC 2023 - kastl@b1-systems.de
+
+- Update to version 0.87.0:
+ * fix: read direct package files when decoding SPDX tag-value
+ (#2014)
+ * chore(deps): update bootstrap tools to latest versions (#2022)
+ * chore(deps): update CPE dictionary index (#2025)
+ * chore(deps): update bootstrap tools to latest versions (#2012)
+ * chore(deps): bump github.com/vifraa/gopom from 0.2.2 to 1.0.0
+ (#2008)
+ * 1948-filter-pkg-by-type (#2011)
+ * chore(deps): bump github.com/dave/jennifer from 1.6.1 to 1.7.0
+ (#2009)
+ * fix: SPDX license values and download location (#2007)
+ * 931: binary cataloger exclusion defaults for ownership by
+ overlap (#1948)
+ * chore(deps): bump golang.org/x/net from 0.13.0 to 0.14.0
+ (#2004)
+ * chore(deps): bump modernc.org/sqlite from 1.24.0 to 1.25.0
+ (#1998)
+ * test: add coverage for new rpmdb paths (#1999)
+ * chore: improve spdx purl decoding (#1996)
+ * fix: gradle lockfile parser groupId handling (#1995)
+ * fix: update glob to use newer usr/lib/sysimage path (#1997)
+ * fix: opkg search glob (#1994)
+ * feat: nginx binary classifier (#1988)
+ * Expand deb cataloger to include opkg (#1985)
+ * chore(deps): update bootstrap tools to latest versions (#1991)
+ * chore(deps): bump github.com/google/go-containerregistry
+ (#1993)
+ * chore: update bubbly to fix hanging (#1990)
+ * chore(deps): bump golang.org/x/net from 0.12.0 to 0.13.0
+ (#1989)
+ * feat: use originator logic to fill supplier (#1980)
+ * add metadata types to all cpe test fixtures (#1982)
+
-------------------------------------------------------------------
Tue Aug 01 10:30:23 UTC 2023 - kastl@b1-systems.de
diff --git a/syft.obsinfo b/syft.obsinfo
index 5c82151..8f920f5 100644
--- a/syft.obsinfo
+++ b/syft.obsinfo
@@ -1,4 +1,4 @@
name: syft
-version: 0.86.1
-mtime: 1690824558
-commit: e2f7befbfbf88053dfb2007c6499a4bb2d232c3c
+version: 0.89.0
+mtime: 1693493432
+commit: b454160549bbd199e0a5693750856f30b41767f7
diff --git a/syft.spec b/syft.spec
index 0da5fbf..726afd9 100644
--- a/syft.spec
+++ b/syft.spec
@@ -19,7 +19,7 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: syft
-Version: 0.86.1
+Version: 0.89.0
Release: 0
Summary: CLI tool and library for generating a Software Bill of Materials
License: Apache-2.0
diff --git a/vendor.tar.gz b/vendor.tar.gz
index 54f6cbc..955ee6b 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:a43332e2fa9f31d1599f9cd927e857e1f626fdba224195e9ca63f24c40143469
-size 33679018
+oid sha256:e988985c7c0128601bdd857b7166c7c1c3b8193655f84b226f0b5ab4aee9a9d7
+size 34025988