Should pinentry use libassuan and/or libgcrypt?

[Orion Poplawski]

Please pardon this naive question.  From a packaging standpoint, I was
trying to determine if pinentry "bundles" libassuan and/or parts of
libgcrypt (as secmem).  Apparently there is a "stripped down" libassuan in
assuan/, and it has a secmem/ directory which I think provides functionality
that is in libgcrypt.

Is there a technical reason to do it this way rather than using libassuan
and libgcrypt directly?  Naively I'm thinking that reusing security
sensitive code via a library would be better than copies of source code
making for multiple places to fix issues.

- Orion