# Modrinth Plus Self-Updates

Modrinth Plus uses the existing Tauri updater flow from the upstream Modrinth App. Release builds check the Gitea generic package registry for `latest.json` and show the in-app update notification after startup when a newer signed build exists.

The updater requires signing. Tauri does not allow unsigned updater installs, so the Gitea repository must provide these Actions secrets:

- `TAURI_SIGNING_PRIVATE_KEY`: private key generated by `tauri signer generate`.
- `TAURI_SIGNING_PRIVATE_KEY_PASSWORD`: optional key password.
- `TAURI_SIGNING_PUBLIC_KEY`: public key generated next to the private key.
- `REGISTRY_TOKEN`: Gitea token with package write access.

Generate a keypair with the Tauri CLI:

```powershell
pnpm --filter @modrinth/app exec tauri signer generate -- -w "$env:USERPROFILE\.tauri\modrinth-plus-updater.key"
```

Use the `.key` file content as `TAURI_SIGNING_PRIVATE_KEY` and the `.key.pub` file content as `TAURI_SIGNING_PUBLIC_KEY`.

The Gitea workflow patches the public key into `apps/app/tauri-release.conf.json` at build time, builds a signed Windows updater bundle, uploads the installer and updater bundle to the package registry, and publishes `latest.json` at:

```text
https://git.wilkensxl.de/api/packages/MrSphay/generic/modrinth-plus/latest/latest.json
```