--passphrase-fd n Read the passphrase from file descriptor n. Only the first line will be read from file descriptor n. If you use 0 for n, the passphrase will be read from STDIN. This can only be used if only one passphrase is supplied. Note that since Version 2.0 this passphrase is only used if the option --batch has also been given. Since Version 2.1 the --pinentry-mode also needs to be set to loopback.
However it seems that despite of version 2.2.27, --pinentry-mode loopback is not needed and it still works for me with e.g.:
gpg --quiet --no-verbose --no-greeting --batch --no-options --no-random-seed-file --no-default-keyring --keyring /dev/null --no-keyring --trustdb-name /dev/null --disable-dirmngr --passphrase-fd 0 --pinentry-mode loopback --no-symkey-cache --decrypt
--no-default-keyring Do not add the default keyrings to the list of keyrings. Note that GnuPG will not operate without any keyrings, so if you use this option and do not provide alternate keyrings via --keyring or --secret-keyring, then GnuPG will still use the default pub‐ lic or secret keyrings.
First, AFAIU --secret-keyring is obsolete? Second, this is a bit ambiguous, it says without alternative --keyring it would still use the default keyring,.. but is this also the case when --no-keyring is used?
In past times I had to use --no-default-keyring --keyring /dev/null --secret-keyring /dev/null... my understanding was that now a simple --no-keyring would be enough?