I think there’s a misunderstanding. My point wasn’t about why wiki posts in the first post are bumped. I was talking about the reasoning behind restricting the no-bump API parameter, as mentioned in the GitHub comment:
Should this be restricted to staff API keys? I don’t think we want regular users to be able to bypass bumping (it would allow them to inject spam into topics without bringing them to people’s attention).
If spam was truly the concern, then this restriction should apply consistently, not just in the few remaining cases where bumping happens. That’s what surprised me: the reasoning cites spam as a problem here, but bumping isn’t meant as a spam-protection mechanism in, for example, wikis that are the last post in a topic.
I do appreciate that wiki posts are bumped on updates (though the UX of being taken to the bottom of the topic while the bump reason is the first post is still confusing).
My point is just highlighting this apparent inconsistency regarding spam.