diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml
index 3f07e0f..73dd95e 100644
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -37,20 +37,49 @@ jobs:
           cp shell/decode.sh release/
           cd release && sha256sum * > SHA256SUMS
 
-      - name: Create release
-        uses: https://gitea.com/actions/gitea-release-action@v1
-        with:
-          files: release/*
-          body: |
-            ## encrypted_archive ${{ gitea.ref_name }}
+      - name: Create release via API
+        env:
+          TAG: ${{ gitea.ref_name }}
+          TOKEN: ${{ secrets.GITEA_TOKEN }}
+          API_URL: ${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}
+        run: |
+          BODY=$(cat <<'NOTES'
+          ## encrypted_archive ${TAG}
 
-            ### Artifacts
+          ### Artifacts
 
-            | File | Description |
-            |------|-------------|
-            | `encrypted_archive-linux-amd64` | Linux x86_64 (static musl) |
-            | `encrypted_archive-linux-arm64` | Linux aarch64 (static musl) |
-            | `encrypted_archive-windows-amd64.exe` | Windows x86_64 |
-            | `ArchiveDecoder.kt` | Kotlin/Android decoder (source) |
-            | `decode.sh` | POSIX shell decoder (requires OpenSSL) |
-            | `SHA256SUMS` | Checksums for all files |
+          | File | Description |
+          |------|-------------|
+          | `encrypted_archive-linux-amd64` | Linux x86_64 (static musl) |
+          | `encrypted_archive-linux-arm64` | Linux aarch64 (static musl) |
+          | `encrypted_archive-windows-amd64.exe` | Windows x86_64 |
+          | `ArchiveDecoder.kt` | Kotlin/Android decoder (source) |
+          | `decode.sh` | POSIX shell decoder (requires OpenSSL) |
+          | `SHA256SUMS` | Checksums for all files |
+          NOTES
+          )
+
+          # Create release
+          RELEASE_ID=$(curl -s -X POST "${API_URL}/releases" \
+            -H "Authorization: token ${TOKEN}" \
+            -H "Content-Type: application/json" \
+            -d "{
+              \"tag_name\": \"${TAG}\",
+              \"name\": \"${TAG}\",
+              \"body\": $(echo "$BODY" | jq -Rs .),
+              \"draft\": false,
+              \"prerelease\": false
+            }" | jq -r '.id')
+
+          echo "Created release ID: ${RELEASE_ID}"
+
+          # Upload each artifact
+          for file in release/*; do
+            filename=$(basename "$file")
+            echo "Uploading ${filename}..."
+            curl -s -X POST "${API_URL}/releases/${RELEASE_ID}/assets?name=${filename}" \
+              -H "Authorization: token ${TOKEN}" \
+              -F "attachment=@${file}"
+          done
+
+          echo "Release ${TAG} published with $(ls release/ | wc -l) assets"