There are two extents to which SHA-1 could be broken: (1) it could be possible to find one or many collisions, where the attack generates both colliding texts; (2) it could be possible to find a different text that collides with a provided text. Unless you're able to take your pair of texts and have one of them pass code review and the other introduce a back door, (1) is useless for attacking a project hosted in git with a reasonable development strategy. On the other hand, (1) will probably get you EV certs for *.google.com from a reputable CA, because x509 tools don't tend to be suspicious of chunks of random data in the certificate request like Linus is of chunks of random data in a patch. Based on the fact that MD5-based certs *have* seen this attack, and SHA-1 certs have seen less effective attacks, SHA-1 is probably not this broken. On the other hand, MD5 *is* that broken, but it's still not known to be so broken as (2), even with the algorithm changed to be weaker. There's a huge gap between (1) and (2), significantly bigger than between the strengths of different hashes, so it's implausible that (2) would have actually occurred before evidence of (1) being exploited had turned up.