start: enable pinentry passphrase caching

[toobuntu]

Closes #145. Ref https://github.com/GPGTools/pinentry/blob/master/doc/pinentry.texi#L483

[toobuntu]

It feels like caching should be an opt-in feature, but this does seem like what most users would want.

Note: In the referenced docs there is mention of SETKEYINFO, but in my testing (set as "SETKEYINFO n/homebrew-autoupdate") it seemed harmful because it saves the passphrase in the macOS login keychain with no expiry under the name GnuPG, which can be seen in Keychain Access.app. Pinentry then uses the saved credentials on each subsequent invocation and sudo --reset-timestamp doesn't stop it because pinentry gets the passphrase directly from the keychain and supplies it to sudo. We would seemingly need to ensure that this key is deleted from the keychain, for example before exiting the SUDO_ASKPASS script (security delete-generic-password -a "homebrew-autoupdate" -D "application password" -s GnuPG). Not doing so could cause problems should the user later change the admin password (and it seems like the user should anyway be made aware of the persistent key storage). So I left it out.

[toobuntu]

@DomT4 The CI failure should be addressed by #153.

[DomT4]

Happy to go with this and we can have another look if there's issues. I agree with the logic discussed ref SETKEYINFO and the potential dangers there.

[DomT4]

Thank you again, and apologies for the wait.