Some frameworks and Content Management Systems do, usually to protect resources because they’re otherwise exposed in an untoward manner. Grav itself (Core) has no such resources. And all source code is public already, much the same as with most frameworks and CMS’.
The “outside-root” approach really only holds value if there are protected resources available, and they should be protected by other, more robust, means in that case. If the resources exist it’s because they need to be exposed to the website, otherwise they shouldn’t be stored on the webserver. As suggested, symlinking would allow you to move these files and folders pretty much anywhere on the server.
If you just want less clutter in root, install Grav in a subdirectory.