Probably the same reason that pretty much no other package manager (or even major email provider, when email is ostensibly the most famous use-case for it) has adopted it: the UX is atrocious.
That's fair, distro package managers use it. I don't know of any language that uses it though; I think NuGet uses certificates for signing rather than PGP.