Sorry I missed that it is our tutorial. It is horribly outdated 
as it was written for Gradle 4 (back then the BOM support was still “beta” and worked a bit differently). And yes, it should no longer recommend the ‘io.spring.dependency-management’ plugin.
I also don’t understand the strictly thing. I agree with what you wrote. The only reason to do it there would be if something in spring-beans breaks through the 1.20 update. But if that is the case, the guide should be clear about that. And even then it is debatable if using a component metadata rule is correct here (instead of defining a strict constraint directly in the dependencies block).
I am a bit ashamed of this content now to be honest. I’ll see that we get it updated soon.