Very likely this bug exists since 2017 when support for promotion of local certifications to exportable certifications was added.

Fixed in gpgmepp for gpd5x. I think for VSD 3.3 we'll add a patch to gpg4win.

yeah, I did not have exactly the same setting for the tests in the different versions… so no regression

After further investigation it looks like this bug exists since quite some time.

turns out that this seems to be a timing issue/race condition and disappears if more debug output is added

Well, I could not reproduce this at any time but tested decryption with long file paths to be sure nothing broke and it worked fine.

2.2 is end-of-life

I don't see a git tag for 2.2.47 -- i think it should be on rGf27fdc0cfe4f399a0acd8a8a4268559831da5016 but if there is one, i don't see it published.

The state machine in GpgSignKeyEditInteractor expects to see GET_BOOL sign_uid.okay and it should have answered with Y.

The dialog between gpg and Kleopatra looks like this:

[GNUPG:] KEY_CONSIDERED FADC4675146CFAF3D86F137E1D3C5E6E3DB3C71D 0<LF>
[GNUPG:] GET_LINE keyedit.prompt<LF>
sign
<LF>
[GNUPG:] GOT_IT<LF>
[GNUPG:] GET_BOOL keyedit.sign_all.okay<LF>
N
<LF>
[GNUPG:] GOT_IT<LF>
[GNUPG:] GET_LINE keyedit.prompt<LF>
uid D2C00A207DC184562E41517CBC5EF7175E8535E8
<LF>
[GNUPG:] GOT_IT<LF>
[GNUPG:] GET_LINE keyedit.prompt<LF>
uid 648AC172C3EC45F85AA2E68E46D3FEFABD1F5BD7
<LF>
[GNUPG:] GOT_IT<LF>
[GNUPG:] GET_LINE keyedit.prompt<LF>
sign
<LF>
[GNUPG:] GOT_IT<LF>
[GNUPG:] KEY_CONSIDERED FFDFEE2F0C8F278023284D90B0FBC8D8324859B9 0<LF>
[GNUPG:] GET_BOOL sign_uid.local_promote_okay<LF>
Y
<LF>
[GNUPG:] GOT_IT<LF>
[GNUPG:] GET_BOOL sign_uid.okay<LF>

and then nothing else.

with VSD-Beta-3.3.90.10:

This might also be related to rGa7ec3792c5 (cf. T2982)

There is no well defined pripority for the CRL DPs. The code enumarates the DP and tries one after the other until it founds one. If you use --ignore-http_dp http DPs are skipped and with --ignore-ldap-dp LDAP DPs are ignored.

1.53 has been released this morning.

With VS-Desktop-3.3.90.6-Beta:

Note that 1.53 was released today which fixes a small regression:

this is not included in the current testbulid

We suggest the use of the keyboxd for a reason. The use of multiple keyrings has always been a problem and has been kept on demand from a couple of people. Eventually things change and for a new installation the use of the keyboxd is the suggested way to run GnuPG. Support for pubring.gpg and even pubring.kbx may eventually be removed - not now or in the next year but it may happen. You have been warned ;-)

Fixed. If high-contrast is active then tool tips now use the same colors as buttons (e.g. white text on black for Kontrast No. 1).

Note: one of my patches makes gpgpass freeze when changing the users that can decrypt a certain folder (might not always be reproducible). This is caused by a Qt bug fixed with https://codereview.qt-project.org/c/qt/qtbase/+/638159

My above comment is true for the main case described in the ticket, cancelling decryption followed by "permanently decrypt".

I see no improvement in VSD-Beta-3.3.90.6, the issue persists.
Btw: Is this maybe related to T7596: GpgOL: Draft is not decrypted after cancelling decryption once?

After further testing:
The new level 3 icon is shown for most test cases. This ticket here is only for the new icon, therefore I'm setting this to done. I'll make a new ticket for the cases where the level is not detected correctly.

Fix pushed by: rG1ed8b0e7b403: dirmngr: Fix libdns with 127.0.0.1.