Thanks for reaching out on this, Brijesh. Glad to see you are here wanting to improve this feature that helps users get started with phpBB with fewer barriers to entry.
I'm not a Softaculous user in order to say exactly what's happening, or to declare there is a bug that needs fixed. Certainly if steps like the existing /vendor/ folder not being removed before applying the updated /vendor/ folder hadn't been performed prior to now, that will certainly help eliminate issues and improve correctness of the installation. I am a Installatron user and had to raise that same bug with them some time back during phpBB 3.2.4 time frame, too.
The other thing I am assuming here is that it is indeed "just the file-related deletion and copy" actions that Softaculous is scripting here. And when it comes time to actually "perform the install" or "perform the update", Softaculous is invoking the phpBB-supplied CLI installation code via /install/phpbbcli.php. Rather than Softaculous having any need to "directly modify the database to achieve the installation" or similar, to perform upgrade work that phpBB-provided code would have normally been assumed to have handled.
Maybe one other thing that would help here is if you could confirm whether Softaculous has any need to "modify the phpBB-supplied files with Softaculous-specific modifications." Because a lot — and I mean, a lot — of hay is made about that point, without evidence, about third-party installers in general. A confirmation that Softaculous has no need or intention to do that, or a declaration of what Softaculous does currently need to do that makes the phpBB files different from the official download, might go a long way towards clearing away some of the FUD that surrounds this.
One other "bug" or perhaps improvement reported to Installatron which they seem to have adopted is to only apply the .htaccess file included with phpBB "when there have actually been changes." Meaning to a large extent, treat the .htaccess file similar to how the config.php is treated, and assume "it could contain site-critical information" and cannot simply be overwritten with the default phpBB-supplied file without consequences. But, albeit rarely
, phpBB does actually ship changes in the .htaccess file, and so applying the phpBB-supplied file is needed "in some cases." But a user having their site "go down in the middle of the night" every time
a phpBB update is applied, just because the .htaccess file got overwritten "again", seems unnecessary.