Some of this is a duplicate of Error "Your push would publish a private email address" so see that for the GH007 error.
Note that GitHub's Git is complaining that some existing commits—commits that are new to them, but already exist in your own Git repository—contain email addresses that they would publish if they accepted them.
Meanwhile, there are several things to know here. Git has a very sharp distinction between what goes into commits, and how you authenticate yourself to some other Git installation. In fact, authentication isn't done by Git itself at all, but rather by third-party software: ssh, curl / libcurl, macOS keychains, Windows credentials, and so on.
When you set user.name and user.email, these control only future commits. No existing commits are changed—in fact, no existing commit can ever be changed; if you make one you don't like, you end up making a new and improved one to avoid using it, using that instead of the bad one. The git commit command builds a new commit, and when it does, it uses user.name as the name, and user.email as the email address. That's basically all they do.
In order to connect your Git installation to another Git installation, so as to transfer commits (send your new ones to them, or get new ones from them), you must authenticate yourself, so that the other Git installation knows that you are you, not someone else. This authentication never uses your user.name and user.email settings. What it does use depends on your host operating system and what protocol you use to connect to the other Git installation. If you use an https:// URL, see what the Git installation for your operating system does in order to present a user name and password. If you use an ssh:// URL, your Git installation will use whatever method your computer provides for Secure Shell to provide a key. See https://www.ssh.com/ssh/key/ for a general background.
