GitHub's disabling of TLS pre-1.2 means that (purposefully) old dev/test boxes will switch from https:// to git:// for their git pulls. If GitHub continued to offer TLS 1.0/1.1 on a hostname called "insecure" or such, it'd send the same message without triggering such downgrades.
Attack surface in the git client/data-model/protocol is probably more of a concern than repo integrity; the latter can be checked with git fsck if you know the hash you wanted until sha1 collisions become practical.