diff --git a/security/py-tuf/Makefile b/security/py-tuf/Makefile
index 4c6e17ec7760..e9887766e536 100644
--- a/security/py-tuf/Makefile
+++ b/security/py-tuf/Makefile
@@ -1,31 +1,31 @@
 PORTNAME=	tuf
-DISTVERSION=	3.1.1
+DISTVERSION=	4.0.0
 CATEGORIES=	security devel python
 MASTER_SITES=	PYPI
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
 
 MAINTAINER=	bofh@FreeBSD.org
 COMMENT=	Framework for securing software update systems
 WWW=		https://www.updateframework.com
 
 LICENSE=	APACHE20 MIT
 LICENSE_COMB=	dual
 LICENSE_FILE_APACHE20=	${WRKSRC}/LICENSE
 LICENSE_FILE_MIT=	${WRKSRC}/LICENSE-MIT
 
 BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}hatchling>=1.13.0:devel/py-hatchling@${PY_FLAVOR}
 RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}requests>=2.19.1:www/py-requests@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}securesystemslib>=0.26.0:security/py-securesystemslib@${PY_FLAVOR}
 
 USES=		python
 USE_PYTHON=	autoplist concurrent pep517 pytest
 
 NO_ARCH=	yes
 
 PYTEST_BROKEN_TESTS=	test_cleanup TestRepoExamples # uses files missing from pypi distribution
 
 post-patch:
 	@${REINPLACE_CMD} 's|hatchling==1|hatchling>=1|g' \
 		${WRKSRC}/pyproject.toml
 
 .include <bsd.port.mk>
diff --git a/security/py-tuf/distinfo b/security/py-tuf/distinfo
index cf8e8f920ff8..9099cab8f77d 100644
--- a/security/py-tuf/distinfo
+++ b/security/py-tuf/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1708144802
-SHA256 (tuf-3.1.1.tar.gz) = 73b3c89a0acdfe90434bba3118c90c584ef1c56bc0c4565852e917408b774130
-SIZE (tuf-3.1.1.tar.gz) = 266714
+TIMESTAMP = 1712344733
+SHA256 (tuf-4.0.0.tar.gz) = 87df89e5e50b0bf85ec84b7aabdac41a54cddaa8c6ce85ac5fae38ea786a12f6
+SIZE (tuf-4.0.0.tar.gz) = 270142