If the default home directory ~/.gnupg does not exist, GnuPG creates this directory and a common.conf file with "use-keyboxd". If the option use-keyboxd is enabled in common.conf, no keyrings are used at all and keys are all maintained by the keyboxd process in its own database. This seemingly includes any keyring specified via the --keyring option and this breaks our signature verification of dependencies that we download in our Windows pipelines (see e.g. https://github.com/Yubico/libfido2/actions/runs/8082292785/job/22083086167#step:3:23).
If the default home directory ~/.gnupg does not exist, GnuPG creates this directory and a common.conf file with "use-keyboxd". If the option use-keyboxd is enabled in common.conf, no keyrings are used at all and keys are all maintained by the keyboxd process in its own database. This seemingly includes any keyring specified via the --keyring option and this breaks our signature verification of dependencies that we download in our Windows pipelines (see e.g. https://github.com/Yubico/libfido2/actions/runs/8082292785/job/22083086167#step:3:23).