checking gpg exit codes only is a security issue

[adrelanos]

Checking gpg exit codes only is insufficient. Quote Werner Koch (gnupg lead developer):

"there is no clear distinction between the codes and for proper error reporting you are advised to use the --status-fd messages."

(I am struggling with this as well in other projects, therefore I wrote gpg-bash-lib.)