This was observed due to the interaction of two plugins and detailed in this github issue.
The gradle-versions-plugin uses a copyRecursive to modify and query the dependency graph. The modifications are to apply any custom resolution rules, e.g. filtering out betas, when determining the latest version of a dependency. When run with the dependency-management-plugin it can report incorrect information of the current dependency if an upgrade has occurred since the BOM’s. The intent is if the user has explicitly declared a new version on a configuration that this overrides, which does occur when looking at the build artifact. The plugin’s author says this is done through a beforeResolve action which appears to not be copied over, and is therefore causing surprising behavior.
This is a minor issue and more an annoyance than a problem. But naively I would assume a copyRecursive would capture everything, e.g. it does copy the resolution strategies, so I suspect this is an oversight.