On Wed, Mar 14, 2018 at 6:46 PM, Linus Torvalds
<torvalds(a)linux-foundation.org> wrote:
SHA1 with the known attack weakness fixed (aka "Hardened SHA1", the
way git already does) in a non-certificate environment is fine.
.. don't get me wrong, git will migrate away, but the whole "it's not
fine" stuff is just fear-mongering garbage.
Linus