Thanks.

If 7z is used to create a tarball that tarball is then 7z compressed. At least this is how I understand the case.
When gpgtar now tries to extract the file it sees a 7z file and thus emits the octal number warnings because it assumes a tarball (after decryption by gpg).

While reviewing this task I noticed that I wrote adding a -p option. This is non-sense, because -p is to preserve permissions at extract time; this is unrelated to the last modification time. Standard tar extract files and set the modification to the one given in the tarball - unless you use -m to use the current time. Thus this task is actually a bug and not a feature request. For backward compatibility this will be done only for gnupg26 for now.

ALright, let's go with that latest version (rKLEOPATRAab32b52a6cf8)

Applied Tobias installation patch to gpg4win master (vsd33)

My fault: All my test had the relax flag set which is so common to me that I did not thought about this. So you fix is for the case that no flag has been set for a fingerprint.

(Please don't set a milestone tag for a fix to an already released version - we use the milestones to track done tickets). Use instead the branch specific tag so it ends up on the workboard.

I reviewed this and there are actually two changes. The first chnage
is a simple string change from

Sorry, I don't understand your problem. Please explain what you did and what the (perceived) problem is. BTW, GnuPG 2.3.4 is a very old version.

You should use gpg-agent's integrated ssh-agent. It is anyway much more convenient. I'll move this task to gnupg26, though.

Backported to 2.4 to go into 2.4.6

Was fixed in master with rG374195e741cf1c52daad6c07799d308c8a9f73e3 (bug tag was missing in the commit).

Fix backported to 2.4

Alright, finally supported by gpgme (fot 1.24) For testing you may use

Thus the rule is that all our Qt applications except for pinentry need to fist initialize gpgme to get the actually used GNUPGEHOME. gpgconf either takes this from the GNUPGHOME envvar or from its default or via its gpgconf.ctl file.
The latter can eventually be used to move the default homedir to %APPDATA%\gnupg-vsd so to allow using different versions of the gnupg engine.

Indeed, gpg fixes a long standing bug in that expired trusted-keys were not correctly handled. Thus this error message

If we fix this bug for 2.2 we need to have a configure way to revert to the old behaviour. That needs to be a kleopatra config. Or we just don't fix this bug for current vsd but only for gpg4win and the next generation vsd.

Solved for gnupg 2.2, 2.4 and 2.6. GPGME support still missing.

iirc, Kleopatra modifies the trustlist.txt on its own. The import case is handled by gpgsm which pops up boths dialogs.
Kleopatra should also not offer to add a root CA if gpg-agent's mark-trusted feature has been disabled.

Also done for gpgsm in gnupg26 (master)

The C comittee is getting more an more absurd by adding new keywords. Breaking software for fun and funding. Workaround should be easy: Don't use the C23 option.

What about the simplification below. Add more authors and sort-lines as you like. There is no legal necessary to show a full list of copyright holders. Authors are not a legal term in the context of software because software is not considered a piece or art. From the GNU coding standards related to the version/about output:

See T7255 instead.