[or call it an issue of the gnupg interface and its difficulty using it inside scripts, unfinished python gpg libraries etc.]
Whonix consistently uses gpg-bash-lib. I’ve checked, that it is not affected by this issue. I.e. explicitly defining sig file and data file.
However, I welcome review for this issue and gpg-bash-lib generally. Also other (build) scripts using gpg may be affected.