We're managing it at the moment in spring-boot-parent which means that it's private but applied to every project. That's unnecessarily broad as we only care about the version within spring-boot-tools. We should reduce the scope of the dependency management.