grape 3.2.1 → 3.3.0

data/UPGRADING.md

@@ -1,6 +1,341 @@
 Upgrading Grape
 ===============
 
+### Upgrading to >= 3.3
+
+#### Minimum required Ruby is now 3.3
+
+Grape no longer supports Ruby 3.2; 3.3 is now the minimum (`required_ruby_version = '>= 3.3'`). Upgrade your runtime to Ruby 3.3 or newer before bumping Grape.
+
+#### `mustermann-grape` is no longer a dependency
+
+Grape's path-pattern grammar (previously the `mustermann-grape` gem) now lives in Grape itself as `Grape::Router::MustermannPattern`, and Grape depends on `mustermann` directly. This is transparent for normal Grape usage.
+
+The inlined class is no longer registered as a Mustermann type, so if your app called `Mustermann.new(pattern, type: :grape)` and relied on Grape loading `mustermann-grape` for you, add it to your Gemfile explicitly:
+
+```ruby
+gem 'mustermann-grape'
+```
+
+#### `Grape::Exceptions::ValidationErrors.new` keyword renamed `errors:` → `exceptions:`
+
+`Grape::Exceptions::ValidationErrors#initialize` now takes its input array under the `exceptions:` keyword instead of `errors:`. The kwarg accepts a mix of `Grape::Exceptions::Validation` and `Grape::Exceptions::ValidationArrayErrors` instances; `ValidationArrayErrors` wrappers are flattened internally via `flat_map(&:errors)`. The `errors` reader on the constructed instance (the grouped `{params => [Validation, ...]}` Hash) is unchanged.
+
+```ruby
+# before
+Grape::Exceptions::ValidationErrors.new(errors: [validation, validation_array_errors], headers:)
+
+# after
+Grape::Exceptions::ValidationErrors.new(exceptions: [validation, validation_array_errors], headers:)
+#### `Grape::Exceptions::ValidationErrors` no longer mixes in `Enumerable`
+
+`Grape::Exceptions::ValidationErrors` no longer includes `Enumerable` and no longer defines a public `#each`. The Enumerable surface (`#each`, `#map`, `#select`, `#to_a`, etc.) was undocumented and untested; the documented accessors — `#errors`, `#full_messages`, `#message`, `#as_json` — are unchanged.
+
+If a `rescue_from` block iterated over the exception instance, switch to `#errors`:
+
+```ruby
+# before
+rescue_from Grape::Exceptions::ValidationErrors do |e|
+  e.each { |attribute, error| ... }
+end
+
+# after
+rescue_from Grape::Exceptions::ValidationErrors do |e|
+  e.errors.each do |attributes, errs|
+    errs.each { |error| ... }
+  end
+end
+```
+
+#### `rescue_from` rejects meta selectors mixed with exception classes
+
+`rescue_from` used to silently drop additional exception classes when its first argument was a meta selector (`:all`, `:grape_exceptions`, `:internal_grape_exceptions`). It now raises `ArgumentError` so the misuse is caught at definition time:
+
+```ruby
+# previously: MyError was silently dropped — only :all took effect
+rescue_from :all, MyError, with: :handler
+
+# now: ArgumentError ("rescue_from :all does not accept additional arguments")
+# split into two declarations instead:
+rescue_from :all, with: :handler
+rescue_from MyError, with: :other_handler
+```
+
+Calls that only use one meta selector or only use exception classes (the documented forms) are unaffected.
+
+#### `auth`, `http_basic` and `http_digest` now take keyword arguments
+
+`Grape::Middleware::Auth::DSL#auth`, `#http_basic` and `#http_digest` now accept their options as keyword arguments instead of a positional `Hash`. Calls using bare keyword syntax or a block are unaffected:
+
+```ruby
+http_basic realm: 'API' do |u, p|
+  # ...
+end
+
+auth :http_digest, realm: 'API', opaque: 'secret', &proc
+```
+
+Passing a positional options `Hash` still works but is deprecated and will be removed in a future release:
+
+```ruby
+# deprecated
+http_basic({ realm: 'API' })
+auth :http_digest, { realm: 'API', opaque: 'secret' }
+
+# preferred
+http_basic(realm: 'API')
+auth :http_digest, realm: 'API', opaque: 'secret'
+```
+
+#### Middleware options now route through per-class `Options` `Data` value objects
+
+`Grape::Middleware::Error`, `Grape::Middleware::Formatter`, and `Grape::Middleware::Versioner::Base` each declare an `Options` `Data.define` and route their `**options` kwargs through it on `initialize`. This means **unknown kwargs now raise `ArgumentError`** instead of being silently swallowed:
+
+```ruby
+# previously: silently swallowed (Formatter doesn't actually read :rescue_options)
+Grape::Middleware::Formatter.new(app, rescue_options: { backtrace: true })
+
+# now: ArgumentError (unknown keyword: :rescue_options)
+```
+
+Each `Options` class accepts exactly the kwargs the middleware actually reads. The supported sets:
+
+- `Middleware::Error::Options`: `all_rescue_handler`, `base_only_rescue_handlers`, `content_types`, `default_error_formatter`, `default_message`, `default_status`, `error_formatters`, `format`, `grape_exceptions_rescue_handler`, `internal_grape_exceptions_rescue_handler`, `rescue_all`, `rescue_grape_exceptions`, `rescue_handlers`, `rescue_options`.
+- `Middleware::Formatter::Options`: `content_types`, `default_format`, `format`, `formatters`, `parsers`.
+- `Middleware::Versioner::Base::Options`: `content_types`, `format`, `mount_path`, `pattern`, `prefix`, `version_options`, `versions`.
+
+The `Hash`-based `options` reader on `Grape::Middleware::Base` continues to return a frozen Hash representation of the Data (`config.to_h.freeze`) for back-compat with subclasses that read `options[:key]`. A new `config` reader exposes the typed Data instance — prefer the named accessors going forward:
+
+```ruby
+# back-compat (still works)
+options[:format]
+
+# preferred
+config.format
+# or, on converted middlewares, just `format` (provided via def_delegators)
+```
+
+`Options#[]` is defined as a Hash-style shim with a deprecation warning so legacy `data[:key]` callers get a migration nudge:
+
+```ruby
+# emits Grape.deprecator warning
+Grape::Middleware::Error::Options.new[:format]
+```
+
+#### `DEFAULT_OPTIONS` constants on converted middlewares are deprecated
+
+`Grape::Middleware::Error::DEFAULT_OPTIONS`, `Grape::Middleware::Formatter::DEFAULT_OPTIONS`, and `Grape::Middleware::Versioner::Base::DEFAULT_OPTIONS` still exist as a frozen `Hash` representation of the `Options` defaults (`Options.new.to_h.freeze`), for back-compat with any code that referenced these constants directly. They will be removed in a future release; introspect the `Options` `Data` class itself instead.
+
+#### `Grape::Middleware::Globals` removed
+
+`Grape::Middleware::Globals` and the three env constants it set (`Grape::Env::GRAPE_REQUEST`, `Grape::Env::GRAPE_REQUEST_HEADERS`, `Grape::Env::GRAPE_REQUEST_PARAMS`) have been deleted. The middleware was introduced in 2013 (commit `9987090b`) but never mounted by Grape's own stack — the `Grape::Request` it built is now constructed directly inside `Grape::Endpoint`. Nothing in `lib/` read those env keys.
+
+If you mounted `Grape::Middleware::Globals` in your own Rack stack to populate `env['grape.request']` for downstream middleware, replicate it locally:
+
+```ruby
+class MyGlobals
+  def initialize(app); @app = app; end
+
+  def call(env)
+    request = Grape::Request.new(env)
+    env['grape.request'] = request
+    env['grape.request.headers'] = request.headers
+    env['grape.request.params'] = request.params if env['rack.input']
+    @app.call(env)
+  end
+end
+```
+
+The original implementation is preserved in git history at [`6b4111b3:lib/grape/middleware/globals.rb`](https://github.com/ruby-grape/grape/blob/6b4111b3/lib/grape/middleware/globals.rb).
+
+#### `error_formatter` now receives a `Grape::Exceptions::ErrorResponse` value object
+
+Custom error formatters now receive a frozen `Grape::Exceptions::ErrorResponse` as the `error:` keyword argument, alongside three request-time context kwargs. The new signature:
+
+```ruby
+def call(error:, env: nil, include_backtrace: false, include_original_exception: false)
+```
+
+`error` is the same value object the middleware uses internally, with `status` / `message` / `headers` / `backtrace` / `original_exception` accessors. The two `include_*` booleans are forwarded from the matching `rescue_from` options (previously buried inside `options[:rescue_options]`).
+
+Existing positional formatters break and need to be updated:
+
+```ruby
+# Before
+error_formatter :txt, ->(message, backtrace, options, env, original_exception) { ... }
+
+module CustomFormatter
+  def self.call(message, backtrace, options, env, original_exception)
+    ...
+  end
+end
+
+# After — pick fields off `error`
+error_formatter :txt, ->(error:, **) { "[#{error.status}] #{error.message}" }
+
+module CustomFormatter
+  def self.call(error:, **)
+    { status: error.status, message: error.message, backtrace: error.backtrace }
+  end
+end
+```
+
+Migration:
+
+| Old positional arg | New |
+| --- | --- |
+| `message` | `error.message` |
+| `backtrace` | `error.backtrace` |
+| `original_exception` | `error.original_exception` |
+| `options[:rescue_options][:backtrace]` | `include_backtrace` (kwarg) |
+| `options[:rescue_options][:original_exception]` | `include_original_exception` (kwarg) |
+| `env` | `env` (kwarg, still passed) |
+| HTTP status | `error.status` (newly exposed) |
+| Response headers | `error.headers` (newly exposed) |
+
+The remaining middleware-options keys (`default_status`, `format`, `rescue_handlers`, …) were framework-internal and have never been part of the documented contract.
+
+The change resolves [#2527](https://github.com/ruby-grape/grape/issues/2527): the HTTP `status` and the response `headers` are now part of the formatter contract, so JSON:API–style error bodies (which embed the status code) and header-aware formatters can be written without reaching into `env[Grape::Env::API_ENDPOINT]`.
+
+#### `version` now takes explicit keyword arguments
+
+`version` previously accepted `**options` and silently ignored any keys it didn't use. It now declares its options explicitly:
+
+```ruby
+def version(*args, using: :path, cascade: true, parameter: 'apiver', strict: false, vendor: nil, &block)
+```
+
+Passing an unrecognised keyword now raises `ArgumentError` instead of being swallowed. The most common offender is `format:` — it was never a `version` option (response format is set with `format`/`default_format`, and header-versioned requests carry the format in their `Accept` header), but the old splat let `version 'v1', using: :header, vendor: 'x', format: :json` through as a no-op.
+
+```ruby
+# Before — `format:` silently ignored
+version 'v1', using: :header, vendor: 'x', format: :json
+
+# After
+version 'v1', using: :header, vendor: 'x'   # set responses with `format :json` / `default_format :json`
+```
+
+Recognized keys are `using:`, `cascade:`, `parameter:`, `strict:`, `vendor:`. Calls using only those are unaffected.
+
+#### `Grape::Middleware::Base#options` is now frozen
+
+`@options` is frozen at the end of `Grape::Middleware::Base#initialize` (after `merge_default_options`). The hash is initialized once and treated as immutable for the lifetime of the middleware. Custom middleware that mutates `options[...]` at runtime will now raise `FrozenError`.
+
+If your custom middleware was patching its own options on the fly:
+
+```ruby
+# Before
+class MyMiddleware < Grape::Middleware::Base
+  def before
+    options[:flag] = compute_flag
+    # ...
+  end
+end
+
+# After — store mutable runtime state on a dedicated ivar
+class MyMiddleware < Grape::Middleware::Base
+  def before
+    @flag = compute_flag
+    # ...
+  end
+end
+```
+
+Reading `options[...]` is unchanged.
+
+#### Throw `:error` payloads are now `Grape::Exceptions::ErrorResponse`
+
+The payload thrown via `throw :error, ...` is now a `Grape::Exceptions::ErrorResponse` value object instead of a `Hash`. If you `catch(:error)` and inspect the payload, switch from `payload[:status]` to `payload.status` (or `payload[:message]` to `payload.message`, etc.). User-defined `throw :error, hash` calls continue to work — `Middleware::Error#error_response` coerces Hashes, exceptions, and `ErrorResponse` instances at the boundary.
+
+Returning or throwing a `Hash` with `:message`, `:status`, and `:headers` from a `rescue_from` handler is now deprecated and will be removed in a future release. Use `error!(...)` or return/throw a `Grape::Exceptions::ErrorResponse` instead.
+
+#### `Grape::Request#grape_routing_args` has been removed
+
+`grape_routing_args` was previously public to support third-party `params_builder` extensions, which have since been removed. With no remaining callers, the method has been removed. If you were calling it externally, read `env[Grape::Env::GRAPE_ROUTING_ARGS]` directly.
+
+#### `endpoint_run_filters.grape` notification no longer fired for empty filter lists
+
+`ActiveSupport::Notifications` subscribers listening to `endpoint_run_filters.grape` will no longer receive an event when the filter list for a given phase (`:before`, `:before_validation`, `:after_validation`, `:after`, `:finally`) is empty. Previously every phase emitted an event on every request regardless of whether any filters were registered. If you relied on these events to infer per-phase timing, subscribe to `endpoint_run.grape` (which always fires once per request) or register a no-op filter to keep the phase instrumented.
+
+#### `Grape::Endpoint.before_each` moved to `Grape::Testing`
+
+`Grape::Endpoint.before_each` and `Grape::Endpoint.reset_before_each` are now only available after requiring `grape/testing`. This module is intended for test environments only and is not loaded by default.
+
+Add the following to your test helper:
+
+```ruby
+require 'grape/testing'
+```
+
+The `before_each` method now always requires a block — calling it without one raises `ArgumentError`. To clear registered hooks, use the new dedicated `reset_before_each` method:
+
+```ruby
+# Before
+after { Grape::Endpoint.before_each nil }
+
+# After
+after { Grape::Endpoint.reset_before_each }
+```
+
+#### `Grape::Endpoint#logger` now returns the API's configured logger
+
+Calling `logger` inside a route handler, filter (`before` / `before_validation` / `after_validation` / `after` / `finally`), or `rescue_from` block previously raised `NoMethodError` unless the application defined a helper:
+
+```ruby
+class MyAPI < Grape::API
+  logger Logger.new($stdout)
+
+  helpers do
+    def logger
+      MyAPI.logger
+    end
+  end
+end
+```
+
+`Grape::Endpoint` now exposes `#logger` directly, so the helper is no longer necessary:
+
+```ruby
+class MyAPI < Grape::API
+  logger Logger.new($stdout)
+  # logger is now reachable inside route handlers, filters, and rescue_from blocks
+end
+```
+
+**Helper override still wins.** Helpers are mixed into the endpoint's singleton class via `singleton_class.include(@helpers)`, and singleton-class methods take precedence over instance methods on `Grape::Endpoint`. If your application already defines `logger` in a `helpers` block (or a module included via `helpers`), that definition continues to override `Endpoint#logger`. You can safely keep the helper or remove it — both paths produce the same result for the canonical `MyAPI.logger` case above.
+
+**Behaviour change for code that didn't define a helper.** If your code references `logger` inside an endpoint context *without* a corresponding `helpers` definition, that call previously raised `NoMethodError` and now returns the API's configured logger. This is almost always the intended behaviour, but if you were relying on the `NoMethodError` (for instance to short-circuit logging in test environments via `rescue NoMethodError`), update your code to check `respond_to?(:logger)` or to gate logging on a feature flag.
+
+#### Exceptions raised inside `rescue_from` blocks are now caught
+
+Previously, an exception raised inside a `rescue_from` block was uncaught and bubbled up to Rack, producing the Rack default 500 page. The framework now catches and routes it:
+
+1. If the re-raised exception's class has a registered `rescue_from` handler, that handler runs (one redispatch only — a second raise stops the chain).
+2. If the re-raised exception is a `Grape::Exceptions::Base` subclass, it is rendered via the default Grape error path with its own `status` and `message`.
+3. Otherwise, the original exception is exposed on `env['grape.exception']` for upstream Rack middleware to observe, and the response is a generic `Grape::Exceptions::InternalServerError` (`500 Internal Server Error`) — the original exception's message is **not** rendered to the API consumer.
+
+This means deliberate re-raises in a `rescue_from` block (e.g. translating one exception class into another) now compose with the rest of your `rescue_from` configuration, and accidental crashes (typos, `NoMethodError`, …) no longer leak internal detail to API consumers.
+
+The framework deliberately does **not** log unhandled internal exceptions itself — formatting and destination are application concerns. To log, forward to an error tracker, or customize the response shape for these errors, register a `rescue_from :internal_grape_exceptions` handler:
+
+```ruby
+rescue_from :internal_grape_exceptions do |e|
+  Sentry.capture_exception(e)
+  error!({ message: 'Something went wrong' }, 500)
+end
+```
+
+When this handler is registered, the framework hands the original exception to you and you own the response shape entirely.
+
+If you relied on the old behaviour and want raw exception messages exposed in development, register a catch-all handler:
+
+```ruby
+rescue_from StandardError do |e|
+  error!({ message: e.message, class: e.class.name }, 500)
+end
+```
+
+
 ### Upgrading to >= 3.2
 
 #### Rack parameter parsing errors now raise `Grape::Exceptions::RequestError`
@@ -694,7 +1029,7 @@ class Api < Grape::API
      params[:my_param]
   end
   get '/example', params: { my_param: nil }
-  # 1.3.1 = []
+  # 1.3.3 = []
   # 1.3.2 = nil
 end
 ```

data/grape.gemspec

@@ -21,13 +21,13 @@ Gem::Specification.new do |s|
   }
 
   s.add_dependency 'activesupport', '>= 7.2'
-  s.add_dependency 'dry-configurable'
+  s.add_dependency 'dry-configurable', '>= 1.0'
   s.add_dependency 'dry-types', '>= 1.1'
-  s.add_dependency 'mustermann-grape', '~> 1.1.0'
-  s.add_dependency 'rack', '>= 2'
-  s.add_dependency 'zeitwerk'
+  s.add_dependency 'mustermann', '>= 4.0'
+  s.add_dependency 'rack', '>= 2.2.4'
+  s.add_dependency 'zeitwerk', '>= 2.6'
 
   s.files = Dir['lib/**/*', 'CHANGELOG.md', 'CONTRIBUTING.md', 'README.md', 'grape.png', 'UPGRADING.md', 'LICENSE', 'grape.gemspec']
   s.require_paths = ['lib']
-  s.required_ruby_version = '>= 3.2'
+  s.required_ruby_version = '>= 3.3'
 end

data/lib/grape/api/instance.rb

@@ -132,7 +132,7 @@ module Grape
       def cascade?
         namespace_inheritable = self.class.inheritable_setting.namespace_inheritable
         return namespace_inheritable[:cascade] if namespace_inheritable.key?(:cascade)
-        return namespace_inheritable[:version_options][:cascade] if namespace_inheritable[:version_options]&.key?(:cascade)
+        return namespace_inheritable[:version_options].cascade if namespace_inheritable[:version_options]
 
         true
       end
@@ -168,25 +168,25 @@ module Grape
           allowed_methods |= [Rack::HEAD] if !namespace_inheritable[:do_not_route_head] && allowed_methods.include?(Rack::GET)
 
           allow_header = namespace_inheritable[:do_not_route_options] ? allowed_methods : [Rack::OPTIONS] | allowed_methods
-          last_route.app.options[:options_route_enabled] = true unless namespace_inheritable[:do_not_route_options] || allowed_methods.include?(Rack::OPTIONS)
+          last_route.app.options_route_enabled = true unless namespace_inheritable[:do_not_route_options] || allowed_methods.include?(Rack::OPTIONS)
 
           greedy_route = Grape::Router::GreedyRoute.new(last_route.pattern, endpoint: last_route.app, allow_header:)
           @router.associate_routes(greedy_route)
         end
       end
 
-      ROOT_PREFIX_VERSIONING_KEY = %i[version version_options root_prefix].freeze
-      private_constant :ROOT_PREFIX_VERSIONING_KEY
+      ROOT_PREFIX_VERSIONING_KEYS = %i[version version_options root_prefix].freeze
+      private_constant :ROOT_PREFIX_VERSIONING_KEYS
 
       # Allows definition of endpoints that ignore the versioning configuration
       # used by the rest of your API.
       def without_root_prefix_and_versioning
         inheritable_setting = self.class.inheritable_setting
-        deleted_values = inheritable_setting.namespace_inheritable.delete(*ROOT_PREFIX_VERSIONING_KEY)
+        deleted_values = inheritable_setting.namespace_inheritable.delete(*ROOT_PREFIX_VERSIONING_KEYS)
         yield
       ensure
-        ROOT_PREFIX_VERSIONING_KEY.each_with_index do |key, index|
-          inheritable_setting.namespace_inheritable[key] = deleted_values[index]
+        ROOT_PREFIX_VERSIONING_KEYS.zip(deleted_values) do |key, value|
+          inheritable_setting.namespace_inheritable[key] = value
         end
       end
     end

data/lib/grape/api.rb

@@ -10,8 +10,11 @@ module Grape
     Helpers = Grape::DSL::Helpers::BaseHelper
 
     class Boolean
+      VALUES = [true, false].freeze
+      private_constant :VALUES
+
       def self.build(val)
-        return nil if val != true && val != false
+        return unless VALUES.include?(val)
 
         new
       end
@@ -56,12 +59,10 @@ module Grape
       # `configuration` as normal.
       def configure
         config = @base_instance.configuration
-        if block_given?
-          yield config
-          self
-        else
-          config
-        end
+        return config unless block_given?
+
+        yield config
+        self
       end
 
       # The remountable class can have a configuration hash to provide some dynamic class-level variables.
@@ -69,11 +70,11 @@ module Grape
       # depending on where the endpoint is mounted. Use with care, if you find yourself using configuration
       # too much, you may actually want to provide a new API rather than remount it.
       def mount_instance(configuration: nil)
-        Class.new(@base_parent).tap do |instance|
-          instance.configuration = Grape::Util::EndpointConfiguration.new(configuration || {})
-          instance.base = self
-          replay_setup_on(instance)
-        end
+        instance = Class.new(@base_parent)
+        instance.configuration = Grape::Util::EndpointConfiguration.new(configuration || {})
+        instance.base = self
+        replay_setup_on(instance)
+        instance
       end
 
       private
@@ -126,11 +127,10 @@ module Grape
         eval_args = evaluate_arguments(instance.configuration, *args)
         eval_kwargs = kwargs.deep_transform_values { |v| evaluate_arguments(instance.configuration, v).first }
         response = instance.__send__(method, *eval_args, **eval_kwargs, &block)
-        if skip_immediate_run?(instance, [response], kwargs)
-          response
-        else
-          evaluate_arguments(instance.configuration, response).first
-        end
+
+        return response if skip_immediate_run?(instance, [response], kwargs)
+
+        evaluate_arguments(instance.configuration, response).first
       end
 
       # Skips steps that contain arguments to be lazily executed (on re-mount time)
@@ -140,26 +140,23 @@ module Grape
       end
 
       def any_lazy?(args)
-        args.any? { |argument| argument_lazy?(argument) }
+        args.any?(Grape::Util::Lazy::Base)
       end
 
       def evaluate_arguments(configuration, *args)
         args.map do |argument|
-          if argument_lazy?(argument)
+          case argument
+          when Grape::Util::Lazy::Base
             argument.evaluate_from(configuration)
-          elsif argument.is_a?(Hash)
+          when Hash
             argument.transform_values { |value| evaluate_arguments(configuration, value).first }
-          elsif argument.is_a?(Array)
+          when Array
             evaluate_arguments(configuration, *argument)
           else
             argument
           end
         end
       end
-
-      def argument_lazy?(argument)
-        argument.respond_to?(:lazy?) && argument.lazy?
-      end
     end
   end
 end

data/lib/grape/cookies.rb

@@ -13,7 +13,7 @@ module Grape
     def_delegators :cookies, :[], :each
 
     def initialize(rack_cookies)
-      @cookies = rack_cookies
+      @cookies = ActiveSupport::HashWithIndifferentAccess.new(rack_cookies)
       @send_cookies = nil
     end
 
@@ -37,11 +37,7 @@ module Grape
 
     private
 
-    def cookies
-      return @cookies unless @cookies.is_a?(Proc)
-
-      @cookies = @cookies.call.with_indifferent_access
-    end
+    attr_reader :cookies
 
     def send_cookies
       @send_cookies ||= Set.new

data/lib/grape/declared_params_handler.rb

@@ -50,69 +50,67 @@ module Grape
     end
 
     def declared_hash_attr(passed_params, declared_param:, params_nested_path:, memo:, renamed_params:, route_params:)
-      if declared_param.is_a?(Hash)
-        declared_param.each_pair do |declared_parent_param, declared_children_params|
-          next unless @include_missing || passed_params.key?(declared_parent_param)
-
-          memo_key = build_memo_key(params_nested_path, declared_parent_param, renamed_params)
-          passed_children_params = passed_params[declared_parent_param] || passed_params.class.new
-
-          params_nested_path_dup = params_nested_path.dup
-          params_nested_path_dup << declared_parent_param.to_s
-
-          memo[memo_key] = handle_passed_param(params_nested_path_dup, route_params:, has_passed_children: passed_children_params.any?) do
-            recursive_declared(
-              passed_children_params,
-              declared_params: declared_children_params,
-              params_nested_path: params_nested_path_dup,
-              renamed_params:,
-              route_params:
-            )
-          end
-        end
-      else
-        # If it is not a Hash then it does not have children.
-        # Find its value or set it to nil.
-        return unless @include_missing || (passed_params.respond_to?(:key?) && passed_params.key?(declared_param))
-
-        memo_key = build_memo_key(params_nested_path, declared_param, renamed_params)
-        passed_param = passed_params[declared_param]
-
-        params_nested_path_dup = params_nested_path.dup
-        params_nested_path_dup << declared_param.to_s
-
-        memo[memo_key] = passed_param || handle_passed_param(params_nested_path_dup, route_params:) do
-          passed_param
-        end
+      return declare_leaf(passed_params, declared_param:, params_nested_path:, memo:, renamed_params:, route_params:) unless declared_param.is_a?(Hash)
+
+      declared_param.each_pair do |parent, children|
+        declare_nested(passed_params, parent:, children:, params_nested_path:, memo:, renamed_params:, route_params:)
       end
     end
 
-    def build_memo_key(params_nested_path, declared_param, renamed_params)
-      rename_path = params_nested_path + [declared_param.to_s]
-      renamed_param_name = renamed_params[rename_path]
+    def declare_nested(passed_params, parent:, children:, params_nested_path:, memo:, renamed_params:, route_params:)
+      return unless @include_missing || passed_params.key?(parent)
+
+      memo_key = build_memo_key(params_nested_path, parent, renamed_params)
+      passed_children = passed_params[parent] || passed_params.class.new
+      nested_path = nested_path_for(params_nested_path, parent)
+
+      memo[memo_key] = handle_passed_param(nested_path, route_params:, has_passed_children: passed_children.any?) do
+        recursive_declared(
+          passed_children,
+          declared_params: children,
+          params_nested_path: nested_path,
+          renamed_params:,
+          route_params:
+        )
+      end
+    end
+
+    # The declared param has no children. Find its value or set it to nil.
+    def declare_leaf(passed_params, declared_param:, params_nested_path:, memo:, renamed_params:, route_params:)
+      return unless @include_missing || (passed_params.respond_to?(:key?) && passed_params.key?(declared_param))
 
+      memo_key = build_memo_key(params_nested_path, declared_param, renamed_params)
+      passed_param = passed_params[declared_param]
+
+      memo[memo_key] = passed_param || handle_passed_param(nested_path_for(params_nested_path, declared_param), route_params:) do
+        passed_param
+      end
+    end
+
+    def build_memo_key(params_nested_path, declared_param, renamed_params)
+      renamed_param_name = renamed_params[nested_path_for(params_nested_path, declared_param)]
       param = renamed_param_name || declared_param
       @stringify ? param.to_s : param.to_sym
     end
 
-    def handle_passed_param(params_nested_path, route_params:, has_passed_children: false, &_block)
+    def nested_path_for(parent_path, key)
+      parent_path + [key.to_s]
+    end
+
+    def handle_passed_param(params_nested_path, route_params:, has_passed_children: false)
       return yield if has_passed_children
 
-      key = params_nested_path[0]
+      key = params_nested_path.first
       key += "[#{params_nested_path[1..].join('][')}]" if params_nested_path.size > 1
 
       type = route_params.dig(key, :type)
-      has_children = route_params.keys.any? { |k| k != key && k.start_with?("#{key}[") }
-
-      if type == 'Hash' && !has_children
-        {}
-      elsif type == 'Array' || (type&.start_with?('[') && !type.include?(','))
-        []
-      elsif type == 'Set' || type&.start_with?('#<Set', 'Set')
-        Set.new
-      else
-        yield
-      end
+      return yield if type.nil?
+
+      return {} if type == 'Hash' && route_params.keys.none? { |k| k != key && k.start_with?("#{key}[") }
+      return [] if type == 'Array' || (type.start_with?('[') && !type.include?(','))
+      return Set.new if type == 'Set' || type.start_with?('#<Set', 'Set')
+
+      yield
     end
   end
 end

data/lib/grape/dsl/callbacks.rb

@@ -9,9 +9,15 @@ module Grape
       # after: execute the given block after the endpoint code has run except in unsuccessful
       # finally: execute the given block after the endpoint code even if unsuccessful
 
-      %w[before before_validation after_validation after finally].each do |callback_method|
-        define_method callback_method.to_sym do |&block|
-          inheritable_setting.namespace_stackable[callback_method.pluralize.to_sym] = block
+      {
+        before: :befores,
+        before_validation: :before_validations,
+        after_validation: :after_validations,
+        after: :afters,
+        finally: :finallies
+      }.each do |method_name, plural_key|
+        define_method method_name do |&block|
+          inheritable_setting.namespace_stackable[plural_key] = block
         end
       end
     end