The best thing that you can do for email privacy / spam control is to have a different real email address to use with GitHub and related services, preferably with email forwarding to your other email address(es), and use this email address to sign up to GitHub and to push commits with Git.
The alternative is to hide the email address on both GitHub and Git:
on GitHub's email settings, check:
- Keep my email addresses private, to make GitHub generate a no-reply email address for you.
- Block command line pushes that expose my email, to prevent mistakes while using Git.
Now, when you tell Git your identity, use that no-reply email address.
(this is different than making git remember your credentials)
git config --global user.name "your name"
git config --global user.email "your email"
or
git config --global user.email "the no-reply email"
depending on what you choose for your email privacy.
The --global option is so it's for all repositories.
Only use tokens in place of passwords (it's mandatory anyway) so in case of data theft you just need to delete the tokens.
git config --global credential.helper store
They will be saved in ~/.git-credentials.
To reset the credentials just delete such file.