More than a year in testing, and I have not seen problems myself anymore.

Thanks for the Gpg4win praise; however we don't have the required resources yet to take this up.

New option --force-sign-key for 2.2.28 and 2.3. Also added support to gpgme.

Looks okay. Thanks.

Actually we considerto remove this feature from the GUI because with the global config we have a more versatile feature now.

Note: If you want to set this early in your program you need to make sure that there is only one thread running.

We have used this task for more than the usual release info, thus the new title. We will use
T5343 for the 2.3.0 release info.

and item 6. Now for more testing.

Can you please also update AUTHORS and LICENSE files? I would also ask you to add

That is a problem on the macOS side, for example with their PINentry tool. Sorry, we can't help you here.
In any case we won't support a gpg4win version released nearly 4 years ago.

See the release notes for GnuPG 2.2.17 (T4606 first item). You need to import your peer's signature from a different source; e.g. ask them to send you your signed key by mail.

Items 1 to 5 have now been resolved.

That it. Things works nicely for me. Won't be backported to 2.2 because this introduces minor changes in the behaviour.

So we now get UTF-8 argv in all GnuPG modules. Globing has been enabled for gpg using our own globing code instead of the ASCII only "int _dowildcard = 1;" mingw way.

Well, this is a pure Windows bug. It easily shows up when running dozens of gpgsm processes each importing a different certificate (e.g. using Kleopatra's current importer, which spawns one process per cert). The only possible fix is to close all files before starting a long running operation *and* before locking the files.

Not many changes. Eventually a 2.2.28 will be pushed.

@rjh reported a problem with keyboxd from the current 2.3 beta on the ML. This is also a locking problem and _might_ be related to this bug.

The show error is due a missing translation. What happened was that the translation was marked fuzzy and this marker was removed not realizing that the string really changed. The change was "...in the GnuPG system" -> "...in the %s system" which had been done to allow for different gpg names.

A wild guess is that the different envvar systems we have in use are the culprit. It is anyway time to get this straight.

MSYS builds are not supported. All kind of stuff may go wrong. Just don't use it. Please use the standard installer as listed at gnupg.org or install gpg4win (which includes this installer).

Okay, okay, I had in mind that we print them because we used to put such certificates into the ephemeral certificate storage because it is not possible to check the signature. But I reliazed that this changed quite some time ago and we can view these error messages as informative only. They are now not anymore printed int quiet mode. Well, for 2.3 - not sure whether I should backport this to 2.2.

Can you please run