please update or remove the comment above

This test is no longer checking that fossology is running or responding! Please add also the old test back in.

Nice find. I just disabled that temporary for testing, but nearly forgot to add it back in. Thanks!

For the moving target sid it might be good to reference a package without a version, e.g. postgresql-server-dev-all. that will bring hidden problems. A failing apt-get install is the better choice.

So it's okay, if I understand that correctly?

it will break soon and is the same problem as in #864. Maybe it is a good idea to remove the sid option but I am not sure.
=> It is OK until someone finds a better solution.

IMHO it is reasonable to remove 'sid' support - as a bleeding edge unstable 'rolling' distro, much like arch, users are expected to "know what they are doing" - and for the same reason arch support was deemed to be not a priority, it is probably an extremely small use-case that anyone is running a server on 'sid' - the docker image is still there for those few

but on that note the 'buster' distro is just as volatile trailing only a few weeks behind 'sid' so they should stay or go together - but the main thing is that this is not going to "break" until v9.7 comes out - which will not exactly be broken - it is just adding yet another version to the stack as you see has been done several times already - and regardless of debian, this would still be the case for the next bi-annual release of ubuntu that includes v9.7

practically speaking, ubuntu is actually the more troublesome target than debian because it is guaranteed to requires a routine update to these install files every 6 months - so to be consistent with this decision, note that dropping support for 'buster' and 'sid' and supporting only the LTS releases of debian is the equivalent to only supporting ubuntu LTS every 2 years and not supporting any of the interim versions as has been done all along

to be clear, the point i raised was that ubuntu support is actually more work to maintain than debian because it is guaranteed to requires a routine update to these install files every 6 months - even if no dependencies change, a new ubuntu entry would need to be added every 6 months - that would not be the case for debian - unless dependencies change, a new debian entry would not need to be added until the next debian LTS version in 2-3 years - if every ubuntu version is to be supported, then keeping 'buster' and 'sid' will be exactly zero additional work because whatever dependency versions ubuntu requires, they take from what is current in debian testing (currently buster)

But Ubuntu will at least not break in the future. Unless someone of the developers uses buster or sid, we will not recognize when the dependencies break on these systems.

And AFAIK we can not test the dependencies with travis (unless we set up docker files for that)?

wel as i said it will not "break" - it will just require a new version of the PG libs - and that WILL happen - and it will happen in buster and ubuntu at the same time (within a few months)

you could use debootstrap (or several other tools) to test the debian builds on travis - but yea it's probably more trouble than it's worth - to be consistent then i would suggest to drop support for the non-LTS versions of ubuntu because it is no easier to support those on travis right?

also as i mention on my original PR - the entire hassle of version numbers could be avoided by requiring the metapackages like:

postgresql-server-dev-all
instead of
postgresql-server-dev-9.5
or
postgresql-server-dev-9.6

postgresql php php-pgsql php-cli php-curl php-xml
instead of
postgresql-9.5 libapache2-mod-php5 php5 php5-pgsql php5-cli php5-curl
or
postgresql-9.6 libapache2-mod-php7.0 php7.0 php7.0-pgsql php7.0-cli php7.0-curl php7.0-xml;;

just some ideas to lessen the maintenance load - fwiw - this is a nice feature but very few upstreams manage a script like this - they usually just post the dependencies in the README and let it to the user to prepare the environment and a ./configure script to verify it

Using metapackages leads to other problems. We explicitly use specific php and psql versions since we do not want to support all of them.

In my opinion, if one tries to install fossology on a not supported system, one should fail early in the install-deps-step instead of silently later, when some features in the application break.

+1 for the idea with the ./configure step for verifying dependencies.

unnecessary change.

why is this reformatting necessary?

because Only variables should be passed by reference starting with PHP 7.0

why is this reformatting necessary? $this->dbManager gets overwritten in the next line (with the same object)!

Why is it necessary to make phpunit a non-dev-dependency?

Drop the '5' from php packages?

keestux - to be clear, when you say drop support for php5, what you are really suggesting is to drop support for: squeeze, wheezy, lucid, natty, isadora, precise, oneiric, quantal, raring, saucy, trusty, jessie, xenial, yakkety

if you are only suggesting to drop the number '5' and require the meta-packages php, php-pgsql, php-cli, php-curl, etc. instead of php,5 php5-pgsql, php5-cli, php5-curl - that has already been suggested in this PR

Nevermind. I just got confused by Github which showed commit a4af5cc, but which is not present in the fresh clone that I made.