[H8crilA]

I would only add that an organic (accidentally created) hash collision in Git will take an extreme amount of time. However, even today you can download the two PDFs from https://shattered.io/, put them both in your Git repository and watch Git crash. Given the construction of SHA-1 (Merkle-Damgard), it is easy to create an unlimited amount of derivative files that also cause a collision, they just have to have the correct prefixes (and then arbitrary but identical suffixes). Or upload only one of such files, but later pretend that it was the other. Authors were even kind enough to create a file tester on that very website :), but note that a determined adversary can recreate the attack and create a different set of prefixes.

SHA-1 really is broken, and therefore standard Git repositories do not offer integrity protection against someone who is determined to do harm and has some resources.

[formerly_proven]

git has been using the hardened variant of SHA-1 for ages, so the shattered.io files haven't had that effect for a long time.

Edit: Since git 2.13, released about a month after SHAttered was published in 2017: https://github.com/git/git/blob/master/Documentation/RelNote...

[fjdhdhdhfhfhf]

A hardened variant which to this day still has not been documented anywhere.

Really disappointing and terrible for interop.

[namibj]

I think IPFS's IPLD facility for integrating git"s blockchain has it documented as part of discussions on how to offer splitting of git objects as they naturally can be gigabytes.