JuliaCon review

[ranocha]

This is part of the review https://github.com/JuliaCon/proceedings-review/issues/165

Thanks a lot for your contributions 🙂 Please find below some comments based on the review checklist:

• [x] Review item "Does the full list of paper authors seem appropriate and complete?": Based on the contributors overview, it is questionable whether Kerstin Weinberg can be an author of this publication - one commit with two lines changes in the README.md. There is also another contributor oldninja with more commits. Please clarify this aspect (e.g., by extended guidance and mentorship by her, pair programming, ...) and note that basically the JOSS policy applies.
• [x] Can you please make the legend of Figure 2 bigger to make it easier to read?
• [x] Could you please clarify the audience of you package in the statement of need section a bit? Is it mostly interesting for people developing new methods as a playground or for practitioners interested in high-performance computations with default methods?
• [x] There are performance claims in the paper (section 3) without any details or further references. This conflicts with one of the items in the review checklist.
• [x] I get a 404 error when clicking on the "Report a Vulnerability" in SECURITY.md.
• [x] There are no figures in https://kaipartmann.github.io/Peridynamics.jl/stable/generated/tutorial_wave_in_bar/ - why?
• [x] Please fix https://github.com/kaipartmann/Peridynamics.jl/issues/167

[kaipartmann]

Hello @ranocha,

Thank you very much for your review! I pushed some changes to the paper branch and addressed most of the points you mentioned. Please let me know if you have further comments on these changes.

I have some questions regarding the open points.

Regarding the first bullet point, Kerstin Weinberg provided extended guidance and support throughout the development of the Julia package, offering regular feedback on its direction and plans. Extended pair programming sessions were also used, enhancing our debugging approach and overall code quality. Is adding an author's contribution section to the paper necessary to clarify this aspect, or is this clarification just needed for the review process?

I checked the link in SECURITY.md with different machines, and it worked for me. I compared it with the link in https://github.com/trixi-framework/Trixi.jl/blob/5c9332b944fb37d2432ea9e14c7d8fc77ce8ee24/SECURITY.md?plain=1#L18, and it has the same URL structure. On which browser/device did you check the link?

[ranocha]

Regarding the first bullet point, Kerstin Weinberg provided extended guidance and support throughout the development of the Julia package, offering regular feedback on its direction and plans. Extended pair programming sessions were also used, enhancing our debugging approach and overall code quality. Is adding an author's contribution section to the paper necessary to clarify this aspect, or is this clarification just needed for the review process?

It's required for the review process. Your answer is fine with me - that's why I have suggested several options to justify this. It's just part of the (JOSS) review process, which is a bit different from standard journals (due to the focus on code).

[ranocha]

I checked the link in SECURITY.md with different machines, and it worked for me. I compared it with the link in https://github.com/trixi-framework/Trixi.jl/blob/5c9332b944fb37d2432ea9e14c7d8fc77ce8ee24/SECURITY.md?plain=1#L18, and it has the same URL structure.

Did you try that while not being logged-in as an admin of this repo?

[ranocha]

Please remember to release a new version of the software including your recent improvements - and to merge/rebase your paper branch accordingly so that it contains the full software (see https://joss.readthedocs.io/en/latest/submitting.html#submission-requirements)

[kaipartmann]

I checked the link in SECURITY.md with different machines, and it worked for me. I compared it with the link in https://github.com/trixi-framework/Trixi.jl/blob/5c9332b944fb37d2432ea9e14c7d8fc77ce8ee24/SECURITY.md?plain=1#L18, and it has the same URL structure.

Did you try that while not being logged-in as an admin of this repo?

Yes, within a private browser window and on different machines. Then it is necessary to sign in to submit a security vulnerability.

[kaipartmann]

Please remember to release a new version of the software including your recent improvements - and to merge/rebase your paper branch accordingly so that it contains the full software (see https://joss.readthedocs.io/en/latest/submitting.html#submission-requirements)

Thank you for this reminder! I will submit a patch release with all changes after #167 is fixed.

[ranocha]

I still get

[kaipartmann]

Hm, that is really interesting...🧐 I have just tested it again with 3 of my colleagues on Linux, Windows and Mac and it worked for them. If it has anything to do with it, I also have enabled “Private vulnerability reporting” and some other advanced settings, maybe that solved it for you. Please check again, and also check if the green button "Report a vulnerability" is working. And please let me know which URL this button has on your machine, because this should be the same as in SECURITY.md.

[ranocha]

I also have enabled “Private vulnerability reporting”

This was it - now it works for me as well

[ranocha]

I'll close this in favor of #167