For a deployment repo this is not a major issue, since the only commits should be ones already committed correctly before being pulled.
When the default file is used, it is checked by verifying a digital signature (https://versioncheck.tortoisegit.org/rsa.asc) that it has not been altered (since Tortoise Git 1.8.5). If you're responsible for a lot of users in your domain, you might want your users to use only versions you have approved and not have them install always the latest version (or to save bandwidth or want to add some further notes for installation). After downloading the digital signature is verified - the file is only kept if the file is digitally signed and could be verified correctly.You probably don't want that upgrade dialog to show up so your users don't go and upgrade immediately (to disable update checking at all (e.g. for servicepack version), The line is used to override the base path to the installation packages (if empty it defaults to If you want to distribute your own modified Tortoise Git packages in your network, you have to put your own GPG key into Tortoise Git and sign the .msi-files with this key or deactivate the signature verification completely.Tortoise Git checks if there's a new version available every week (or daily in a preview release).If there is a newer version available, a dialog shows up informing the user about that and allows to download/install a new version. The filenames are generated as follows: Tortoise Git-(version)-(32|64)for the main installer (if not overridden by .