It looks like both print_sha1_keysig_rejected_note and print_digest_rejected_note do not respect --quiet, though they probably should:
0 dkg@alice:~$ gpg --check-trustdb --quiet gpg: Note: signatures using the MD5 algorithm are rejected 0 dkg@alice:~$
This was first reported on gnupg-devel against 2.2.18 but appears to still be the case in 2.2.20.
Of course it is important, that's why it it printed by default.
But it shouldn't be printed with --quiet. According to the manpage, --quiet "[tries] to be as quiet as possible."
So either we don't output this message with --quiet, or we have to change the description of --quiet to "[try] to be quiet, except some things".
Robin H. Johnson created a patch for this:
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> --- g10/misc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git g10/misc.c g10/misc.c index 22ed47e7c..d46fa90b2 100644 --- g10/misc.c +++ g10/misc.c @@ -366,6 +366,8 @@ print_sha1_keysig_rejected_note (void) { static int shown; + if (opt.quiet) + return; if (shown) return; -- 2.26.2
I reconsidered this. Suppressing such messages with --quiet is oka and will be in 2.2.24.