This is more a social convention than a technical limitation. Both Git and blockchains use Merkle trees to describe a linear history, and both allow rewriting history (via "git rebase" for the former and forking + the manual equivalent of a rebase for the latter). Many hosted Git repos disallow rewriting history on the central branch (i.e., they do not permit force-pushing to the main/master branch).
I think you have it backwards. On git it is a social convention, and when it's a technical one it's only because some singular 3rd party (e.g. Github) has made it this way. e.g. an employee at GH certainly can rewrite history on the central branch of your repo.
I don't see how it's not true for a distributed blockchain. People have forked the Ethereum and Bitcoin blockchains, and individuals chose whether to follow the fork or what they believed to be the original, uncorrupted version. Technically, anyone can fork a blockchain; socially and due to the governance processes of the blockchain's user community, this is difficult to pull off.
yes, and when it is modified the hash changes - it would be obvious it was modified. how are you suggesting they do this in a way that is not detectable?
I'm not really following you. in this scenario, the source of the truth, is the repo, not necessarily the repo on GitHub. GitHub is just hosting the repo. in your attack situation, since it's trivial to see it was changed, you would just push over the verifiably correct repo and switch hosting providers.
Secure or not you still have two blockchains and people have to decide which one they prefer. Do you understand there have been bitcoin and ethereum forks where exactly that has happened?
