diff --git a/_constraints b/_constraints
new file mode 100644
index 0000000..a275540
--- /dev/null
+++ b/_constraints
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<constraints>
+  <hardware>
+    <disk>
+      <size unit="G">10</size>
+    </disk>
+  </hardware>
+</constraints>
diff --git a/_service b/_service
index e206ff5..9022088 100644
--- a/_service
+++ b/_service
@@ -2,7 +2,7 @@
   <service name="tar_scm" mode="disabled">
     <param name="url">https://github.com/aquasecurity/trivy</param>
     <param name="scm">git</param>
-    <param name="revision">v0.38.2</param>
+    <param name="revision">v0.38.3</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>
diff --git a/_servicedata b/_servicedata
index d92a715..0fac1df 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/aquasecurity/trivy</param>
-              <param name="changesrevision">800473a8bcd36b8ec83eeb643e01e4822c5fe712</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">a12f58be57931c13b5ba9016bc8afd52bd63d3ae</param></service></servicedata>
\ No newline at end of file
diff --git a/trivy-0.38.2.tar.zst b/trivy-0.38.2.tar.zst
deleted file mode 100644
index fd6e27d..0000000
--- a/trivy-0.38.2.tar.zst
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e02ccc6dd939af3ece6781705432f60b62c26e160001f8231bbc24158e388fb1
-size 44709540
diff --git a/trivy-0.38.3.tar.zst b/trivy-0.38.3.tar.zst
new file mode 100644
index 0000000..28ed8d7
--- /dev/null
+++ b/trivy-0.38.3.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a7ca8865087b1cc8dea0b3ef96c5e1c501e795c01aca167b5acafbee942660af
+size 44721671
diff --git a/trivy.changes b/trivy.changes
index f01b6d3..7c9818f 100644
--- a/trivy.changes
+++ b/trivy.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Tue Mar 14 09:56:08 UTC 2023 - dmueller@suse.com
+
+- Update to version 0.38.3:
+  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
+  * fix(java): skip empty files for jar post analyzer (#3832)
+  * fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
+  * refactor(license): use goyacc for license parser (#3824)
+  * chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
+  * fix: populate timeout context to node-collector (#3766)
+  * fix: exclude node collector scanning (#3771)
+  * fix: display correct flag in error message when skipping java db update #3808
+  * fix: disable jar analyzer for scanners other than vuln (#3810)
+  * fix(sbom): fix incompliant license format for spdx (#3335)
+  * fix(java): the project props take precedence over the parent's props (#3320)
+  * docs: add canary build info to README.md (#3799)
+  * docs: adding link to gh token generation (#3784)
+  * docs: changing docs in accordance with #3460 (#3787)
+
 -------------------------------------------------------------------
 Wed Mar 08 11:02:13 UTC 2023 - dmueller@suse.com
 
diff --git a/trivy.spec b/trivy.spec
index 22eccbd..4f41255 100644
--- a/trivy.spec
+++ b/trivy.spec
@@ -19,7 +19,7 @@
 
 %global goipath github.com/aquasecurity/trivy
 Name:           trivy
-Version:        0.38.2
+Version:        0.38.3
 Release:        0
 Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0
diff --git a/vendor.tar.zst b/vendor.tar.zst
index e3ac36e..3e75425 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:96792a768276d2d9c0832f05696b1dbbf386e98b52f633e8ad956b166c57815f
-size 41282728
+oid sha256:9b5343aa5bcefcd310cb398274c04a532eaccab59dbf053082ff65ab8e67095f
+size 41287987