Bump peter-evans/create-or-update-comment from 4 to 5 in the actions group

[dependabot]

Bumps the actions group with 1 update: peter-evans/create-or-update-comment.

Updates peter-evans/create-or-update-comment from 4 to 5

Release notes

Sourced from peter-evans/create-or-update-comment's releases.

Create or Update Comment v5.0.0

⚙️ Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

• build(deps): bump peter-evans/create-or-update-comment from 3 to 4 by @​dependabot[bot] in peter-evans/create-or-update-comment#307
• build(deps-dev): bump @​types/node from 18.19.8 to 18.19.11 by @​dependabot[bot] in peter-evans/create-or-update-comment#308
• build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 by @​dependabot[bot] in peter-evans/create-or-update-comment#310
• build(deps): bump peter-evans/create-pull-request from 5 to 6 by @​dependabot[bot] in peter-evans/create-or-update-comment#309
• build(deps-dev): bump @​types/node from 18.19.11 to 18.19.14 by @​dependabot[bot] in peter-evans/create-or-update-comment#311
• build(deps-dev): bump prettier from 3.2.4 to 3.2.5 by @​dependabot[bot] in peter-evans/create-or-update-comment#312
• build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.8.0 by @​dependabot[bot] in peter-evans/create-or-update-comment#313
• build(deps-dev): bump @​types/node from 18.19.14 to 18.19.15 by @​dependabot[bot] in peter-evans/create-or-update-comment#314
• build(deps-dev): bump @​types/node from 18.19.15 to 18.19.17 by @​dependabot[bot] in peter-evans/create-or-update-comment#315
• build(deps-dev): bump eslint-plugin-jest from 27.8.0 to 27.9.0 by @​dependabot[bot] in peter-evans/create-or-update-comment#316
• build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by @​dependabot[bot] in peter-evans/create-or-update-comment#318
• build(deps-dev): bump @​types/node from 18.19.17 to 18.19.19 by @​dependabot[bot] in peter-evans/create-or-update-comment#319
• build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 by @​dependabot[bot] in peter-evans/create-or-update-comment#320
• build(deps-dev): bump @​types/node from 18.19.19 to 18.19.21 by @​dependabot[bot] in peter-evans/create-or-update-comment#321
• build(deps-dev): bump @​types/node from 18.19.21 to 18.19.23 by @​dependabot[bot] in peter-evans/create-or-update-comment#322
• build(deps-dev): bump @​types/node from 18.19.23 to 18.19.26 by @​dependabot[bot] in peter-evans/create-or-update-comment#325
• build(deps-dev): bump @​types/node from 18.19.26 to 18.19.29 by @​dependabot[bot] in peter-evans/create-or-update-comment#326
• build(deps-dev): bump @​types/node from 18.19.29 to 18.19.31 by @​dependabot[bot] in peter-evans/create-or-update-comment#327
• build(deps): bump chuhlomin/render-template from 1.9 to 1.10 by @​dependabot[bot] in peter-evans/create-or-update-comment#328
• build(deps-dev): bump @​types/node from 18.19.31 to 18.19.32 by @​dependabot[bot] in peter-evans/create-or-update-comment#329
• build(deps-dev): bump @​types/node from 18.19.32 to 18.19.33 by @​dependabot[bot] in peter-evans/create-or-update-comment#330
• build(deps-dev): bump prettier from 3.2.5 to 3.3.0 by @​dependabot[bot] in peter-evans/create-or-update-comment#332
• build(deps-dev): bump @​types/node from 18.19.33 to 18.19.34 by @​dependabot[bot] in peter-evans/create-or-update-comment#333
• build(deps-dev): bump prettier from 3.3.0 to 3.3.2 by @​dependabot[bot] in peter-evans/create-or-update-comment#334
• build(deps-dev): bump braces from 3.0.2 to 3.0.3 by @​dependabot[bot] in peter-evans/create-or-update-comment#335
• build(deps-dev): bump ws from 7.5.9 to 7.5.10 by @​dependabot[bot] in peter-evans/create-or-update-comment#336
• build(deps-dev): bump @​types/node from 18.19.34 to 18.19.36 by @​dependabot[bot] in peter-evans/create-or-update-comment#337
• build(deps-dev): bump @​types/node from 18.19.36 to 18.19.39 by @​dependabot[bot] in peter-evans/create-or-update-comment#338
• build(deps-dev): bump @​types/node from 18.19.39 to 18.19.40 by @​dependabot[bot] in peter-evans/create-or-update-comment#340
• build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by @​dependabot[bot] in peter-evans/create-or-update-comment#339
• build(deps-dev): bump @​types/node from 18.19.40 to 18.19.42 by @​dependabot[bot] in peter-evans/create-or-update-comment#342
• build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by @​dependabot[bot] in peter-evans/create-or-update-comment#343
• build(deps-dev): bump @​types/node from 18.19.42 to 18.19.43 by @​dependabot[bot] in peter-evans/create-or-update-comment#345
• build(deps-dev): bump @​types/node from 18.19.43 to 18.19.44 by @​dependabot[bot] in peter-evans/create-or-update-comment#347
• build(deps-dev): bump @​types/node from 18.19.44 to 18.19.45 by @​dependabot[bot] in peter-evans/create-or-update-comment#348
• build(deps-dev): bump @​types/node from 18.19.45 to 18.19.47 by @​dependabot[bot] in peter-evans/create-or-update-comment#349
• build(deps-dev): bump @​types/node from 18.19.47 to 18.19.49 by @​dependabot[bot] in peter-evans/create-or-update-comment#350
• build(deps): bump peter-evans/create-pull-request from 6 to 7 by @​dependabot[bot] in peter-evans/create-or-update-comment#351
• build(deps-dev): bump @​types/node from 18.19.49 to 18.19.50 by @​dependabot[bot] in peter-evans/create-or-update-comment#352
• build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by @​dependabot[bot] in peter-evans/create-or-update-comment#353
• build(deps-dev): bump @​vercel/ncc from 0.38.1 to 0.38.2 by @​dependabot[bot] in peter-evans/create-or-update-comment#354
• build(deps-dev): bump @​types/node from 18.19.50 to 18.19.51 by @​dependabot[bot] in peter-evans/create-or-update-comment#355
• Update distribution by @​actions-bot in peter-evans/create-or-update-comment#356
• build(deps-dev): bump @​types/node from 18.19.51 to 18.19.54 by @​dependabot[bot] in peter-evans/create-or-update-comment#357
• build(deps-dev): bump @​types/node from 18.19.54 to 18.19.55 by @​dependabot[bot] in peter-evans/create-or-update-comment#359
• build(deps): bump @​actions/core from 1.10.1 to 1.11.1 by @​dependabot[bot] in peter-evans/create-or-update-comment#360

... (truncated)

Commits

• e8674b0 feat: v5 (#439)
• fffe59e build(deps-dev): bump @​types/node from 18.19.127 to 18.19.129 (#438)
• 076d572 build(deps-dev): bump @​types/node from 18.19.126 to 18.19.127 (#437)
• 86a2645 build(deps-dev): bump @​vercel/ncc from 0.38.3 to 0.38.4 (#436)
• be17e0c build(deps-dev): bump @​types/node from 18.19.124 to 18.19.126 (#435)
• ef75eae build(deps-dev): bump @​types/node from 18.19.123 to 18.19.124 (#433)
• 82a7ad0 build(deps): bump actions/setup-node from 4 to 5 (#432)
• f7c845d build(deps-dev): bump @​types/node from 18.19.122 to 18.19.123 (#430)
• 5da8e07 build(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (#428)
• 2de7f66 build(deps-dev): bump @​types/node from 18.19.121 to 18.19.122 (#427)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Thanks for contributing to WooCommerce Free Gift Bulk Coupons Generator! 🎉

Before we review:

• Have you tested your changes with WordPress 6.5+ and WooCommerce 5.0+?
• Are your changes compatible with PHP 7.4+?
• Have you followed WordPress coding standards?
• Did you update the CHANGELOG.md if needed?

Security Reminder:
This plugin handles sensitive coupon generation, so please ensure:

• All user inputs are properly sanitized
• All outputs are properly escaped
• No security vulnerabilities are introduced

We'll review your PR soon! 🚀

[dependabot]

Looks like peter-evans/create-or-update-comment is updatable in another way, so this is no longer needed.

[github-actions]

🤖 Gemini Issue Analysis

Excellent. As an expert WordPress plugin developer, here is a detailed analysis of the new comment in the context of the issue.

Executive Summary

The new comment from dependabot[bot] is a notification of supersession. It indicates that this specific Pull Request is now obsolete because Dependabot has created a different, likely more comprehensive, PR to handle the update for peter-evans/create-or-update-comment. The immediate action is to disregard this PR and locate the new one. The underlying task—updating the GitHub Action—remains relevant and requires review in the new PR.

---

Detailed Analysis

1. How does this comment relate to the original issue?

The comment is a terminal status update for the original issue (which is a Pull Request). The original PR was created by Dependabot to update a single dependency within a group. The new comment, also from Dependabot, effectively closes this PR by stating it's no longer the correct vehicle for the update. It's Dependabot's way of cleaning up its own work after finding a more efficient update path, such as a newer, more inclusive grouped update.

2. What new information or clarification is provided?

The key new piece of information is that this PR has been superseded. The phrase "updatable in another way" is Dependabot's standard message for one of the following scenarios:

• A new grouped update was created: Dependabot may have found other actions in the actions group that are also updatable. It will close individual or older group PRs in favor of a new, single PR that bundles all available updates for that group.
• A manual update occurred: A developer may have already updated this dependency manually and pushed the change to the main branch. When Dependabot rebased, it saw the update was already applied and closed its own PR.
• Dependabot configuration changed: An update to the .github/dependabot.yml file might have altered how this dependency is grouped or handled, triggering the creation of a new PR that aligns with the new configuration.

Given the context, the most probable scenario is the first one: a newer, more comprehensive grouped update for GitHub Actions is now available.

3. Are there code implications from this comment?

There are no direct code implications for the WordPress plugin's PHP files (free-gift-bulk-coupon-generator.php, uninstall.php, etc.). This entire issue relates to the project's Continuous Integration/Continuous Deployment (CI/CD) pipeline, specifically the GitHub Actions workflows defined in the .github/workflows/ directory.

The indirect implications are:

• The peter-evans/create-or-update-comment action, used for automated commenting on PRs or issues during CI runs, still needs to be updated from version 4 to 5.
• The change will be applied to one or more .yml files in the .github/workflows/ directory, but through a different Pull Request.
• The major version bump (v4 -> v5) still requires careful review. The release notes in the original issue highlight a new requirement for Actions Runner v2.327.1+ due to Node 24 support. If the project uses GitHub-hosted runners, this is a non-issue as they are kept up-to-date. If using self-hosted runners, they must be updated to meet this requirement.

4. What follow-up actions are suggested?

1. Do Nothing with this PR: This Pull Request can be safely ignored and will likely be closed automatically by Dependabot. Do not merge it.
2. Locate the New PR: Go to the project's Pull Requests tab and find the new, open PR from Dependabot that also updates GitHub Actions. It will likely have a similar title but may list more dependencies.
3. Review the New PR:
   • Examine all the dependency updates included in the new PR.
   • Pay close attention to the major version bump of peter-evans/create-or-update-comment from v4 to v5. Re-check the release notes for any breaking changes or new requirements (like the runner version).
   • Ensure the proposed changes are compatible with the project's CI strategy. The recent Git history showing several "Workflow" commits suggests active development in this area, so ensure the new PR aligns with those recent changes.
4. Merge the New PR: Once reviewed and approved, merge the new, superseding Pull Request.
5. Verify CI Pipeline: After merging, monitor the next CI run to confirm that all jobs, especially any that use the create-or-update-comment action, execute successfully.

---

Analysis performed by Gemini AI on Tue Oct 14 09:29:49 UTC 2025