However, these days I'm mostly developing for servers my company or I administer, so I don't need to make the assumption that there is "no place outside the DocumentRoot." Instead, I designate the top level of the repo as a free-for-all, and specify one folder within as the DocumentRoot.
Some of our sites rely on RewriteRules, and that configuration also lands outside the DocumentRoot, to be included from the system Apache configuration. This lets us perform rewrites at the more-efficient server/URL level instead of filesystem/directory level, while allowing all the code to be updated in the repo. When we change rewriting rules, that goes right into the history with everything else.
To give a concrete example, a website could look like this on the server:
- (the TCPDF library code)
Again, this doesn't really work for letting other people publish on a shared host (rewrite.conf could conceivably do anything allowable in VirtualHost context, not just rewrite) but we own the whole host.