[oleiade]

You're right.

Two alternatives possible, whether to add a '--password' global option allowing you to provide your password at runtime, or to implement https://github.com/tmc/keyring.

What do you think? Any other alternatives to suggest?

[zobzu]

gpg-agent, keychain, gnome-keyring, kwallet. keyring could be ok. It would be nice if it supported a few more things tho. not everyone's a gnome user for example. but since it's gpg, i would think gpg-agent suffices. most keyrings actually emulate the agent (same for SSH)

proposing the env variable passphrase means a lot of people will put the password <in clear, plain text> in their .zshrc, .bashrc, you name it