tests started to fail between 2026-02-14 and 2026-02-22

I'm working on packaging sq-git for Fedora. A test build I did before submitting the package for review passed successfully on Feb. 14, a new test build done for the package review on Feb. 22 had a lot of test failures, which all look similar to:

---- make_commit stdout ----
Using wall clock.
Creating /tmp/.tmpJUhSTX/gnupg
Creating /tmp/.tmpJUhSTX/git
Creating /tmp/.tmpJUhSTX/certd
Creating /tmp/.tmpJUhSTX/xdg_cache_home
Creating /tmp/.tmpJUhSTX/scratch
$ "gpg" "--version"
 -> success
stdout:
gpg (GnuPG) 2.4.9
libgcrypt 1.12.0-unknown
Copyright (C) 2025 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /tmp/.tmpJUhSTX/gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
stderr:
gpg: WARNING: unsafe permissions on homedir '/tmp/.tmpJUhSTX/gnupg'
$ "gpg" "--status-fd=2" "--import" F90C9E58704EA6515240FB19D89307BF217283E5
 -> failure
stdout:
stderr:
gpg: WARNING: unsafe permissions on homedir '/tmp/.tmpJUhSTX/gnupg'
gpg: keybox '/tmp/.tmpJUhSTX/gnupg/pubring.kbx' created
gpg: /tmp/.tmpJUhSTX/gnupg/trustdb.gpg: trustdb created
[GNUPG:] KEY_CONSIDERED F90C9E58704EA6515240FB19D89307BF217283E5 0
gpg: key D89307BF217283E5: public key "<willow@scoobies.example>" imported
[GNUPG:] IMPORTED D89307BF217283E5 <willow@scoobies.example>
[GNUPG:] IMPORT_OK 1 F90C9E58704EA6515240FB19D89307BF217283E5
[GNUPG:] KEY_CONSIDERED F90C9E58704EA6515240FB19D89307BF217283E5 0
gpg: key D89307BF217283E5/0CADEFD4111E53BB: error sending to agent: Bad secret key
gpg: error reading '[stdin]': Bad secret key
gpg: import from '[stdin]' failed: Bad secret key
gpg: Total number processed: 0
gpg:               imported: 1
gpg:       secret keys read: 1
[GNUPG:] IMPORT_RES 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0
[GNUPG:] FAILURE gpg-exit 33554433
Error: command failed
$ gpg --import
stdout:
stderr:
gpg: WARNING: unsafe permissions on homedir '/tmp/.tmpJUhSTX/gnupg'
gpg: keybox '/tmp/.tmpJUhSTX/gnupg/pubring.kbx' created
gpg: /tmp/.tmpJUhSTX/gnupg/trustdb.gpg: trustdb created
[GNUPG:] KEY_CONSIDERED F90C9E58704EA6515240FB19D89307BF217283E5 0
gpg: key D89307BF217283E5: public key "<willow@scoobies.example>" imported
[GNUPG:] IMPORTED D89307BF217283E5 <willow@scoobies.example>
[GNUPG:] IMPORT_OK 1 F90C9E58704EA6515240FB19D89307BF217283E5
[GNUPG:] KEY_CONSIDERED F90C9E58704EA6515240FB19D89307BF217283E5 0
gpg: key D89307BF217283E5/0CADEFD4111E53BB: error sending to agent: Bad secret key
gpg: error reading '[stdin]': Bad secret key
gpg: import from '[stdin]' failed: Bad secret key
gpg: Total number processed: 0
gpg:               imported: 1
gpg:       secret keys read: 1
[GNUPG:] IMPORT_RES 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0
[GNUPG:] FAILURE gpg-exit 33554433

Both the last known "good" and first known "bad" builds used the same GnuPG version (2.4.9 with FreePG and Fedora patches) and sequoia-openpgp version (v2.2.0 with OpenSSL crypto backend).

Maybe it's more expired test certs / keys (similar to the issue in sq-wot, where tests also fail since Feb. 15: sequoia-wot#59 (closed))?