If you have a third party sign your git commits, you no longer can no longer modify the commit later undetectedly. And if someone puts their log of signatures into another git repository, you can create an entire web of timestamped trust.
https://netfuture.ch/2022/02/git-pgp-blockchain-comparison/
This is true. Although now this is starting to pretty closely approach what the OP is doing, just using another store for the signatures instead of the CT log.