by est31 1243 days ago
Anything PGP based is disqualified usually because of decrypting to the hard disk. This means that an attacker that can read files at the right moment can access the decrypted file. pass thankfully uses /dev/shm so you don't have to worry about the password making it to the unallocated parts of your hard disk where it can be read out via hardware access, so it needs to be an active attack, but still.

GPG decrypts to standard output (by default) and can take input from standard input, so Pass uses this to avoid plaintext on storage media. The issue that /dev/shm addresses has nothing to do with PGP: it arises when you want to use a text editor to modify an existing multiline entry, because then the text editor needs a file to edit.
Fair points, I've checked the source code and you are right: shm is indeed only used for editing, otherwise pipes are used.
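As an added illustration of the editing path discussed in this thread (example code written here, not pass's own script), the POSIX shell below shows the two defensive pieces that matter when an editor needs a real file: prefer a RAM-backed scratch directory (/dev/shm is assumed to be tmpfs, as on most Linux hosts; anywhere else it falls back to $TMPDIR and warns), create it with a private mode, and overwrite and remove the plaintext afterwards. The function names (`secure_tmpdir`, `make_scratch`, `wipe_scratch`, `demo_edit_cycle`) and the sample secret are constructed for the example; the gpg pipe is only shown in a comment so the block runs without gpg installed.

```shell
#!/bin/sh
# Added example (not pass's own code): keep editor scratch files off persistent
# storage. Normal read/write goes through pipes, e.g.
#   gpg -d < entry.gpg | head -n 1
#   printf '%s\n' "$new" | gpg -e -r "$recipient" -o entry.gpg
# Only editing needs an on-disk file, which is the case handled below.

# Print the base directory to use. Returns 0 if it is RAM-backed, 1 otherwise.
secure_tmpdir() {
    # /dev/shm is tmpfs on most Linux systems (assumption stated in the lead-in).
    if [ -d /dev/shm ] && [ -w /dev/shm ]; then
        printf '%s\n' /dev/shm
        return 0
    fi
    # Fallback: ordinary temp dir, possibly disk-backed; caller warns.
    printf '%s\n' "${TMPDIR:-/tmp}"
    return 1
}

# Create a private (0700) scratch directory under the chosen base and print it.
make_scratch() {
    base=$(secure_tmpdir) || echo "warning: no tmpfs available; scratch dir is disk-backed" >&2
    umask 077
    mktemp -d "$base/secret-edit.XXXXXX"
}

# Overwrite (when shred exists) and remove every file, then the directory.
# On tmpfs the overwrite matters less than on a journaling disk, but removal
# still matters so the plaintext does not outlive the edit session.
wipe_scratch() {
    dir=$1
    find "$dir" -type f -exec sh -c '
        for f; do
            if command -v shred >/dev/null 2>&1; then shred -u "$f"; else rm -f "$f"; fi
        done' sh {} +
    rmdir "$dir"
}

# Full cycle: create scratch, place plaintext, (editor would run here), wipe.
# Returns 0 when nothing is left behind.
demo_edit_cycle() {
    d=$(make_scratch) || return 1
    printf 'hunter2\n' > "$d/plain.txt"   # constructed secret, stands in for gpg output
    # ${EDITOR:-vi} "$d/plain.txt"        # editing step, omitted in the example
    wipe_scratch "$d"
    [ ! -e "$d" ]
}
```

The `secure_tmpdir` return code is what a wrapper should key on: when it is non-zero the scratch file may hit a disk, which is exactly the "decrypting to the hard disk" concern raised at the top of the thread, so a wrapper would normally warn or refuse rather than proceed silently.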