The SHA-1 Situation Is Still Messy
Let's address the elephant in the room: Git picked SHA-1 back when Linus thought it was solid. Turns out, better-than-brute-force collision attacks were already known, and actual cryptographers were already side-eyeing it. But here we are, nearly 20 years later, still migrating away from it.
The argument at the time was that SHA-1 wasn't primarily for security—it was for content addressing and collision resistance. Which, fine, but then we built entire security models on top of it. Now enterprises want SHA-1 gone by 2030, and Git's been working on the migration for years with little to show for it.
One commenter nailed it: if security wasn't the point, Git should've used CRC128. It would've been faster, nobody would've confused it for a security feature, and we wouldn't be in this mess. But SHA-1 had the ecosystem, the libraries, the support. Classic "nobody ever got fired for choosing SHA-1" energy.
The Actual Roadmap
At FOSDEM 2026, Git maintainers outlined what's next:
SHA-256 migration is still happening, just slowly. The problem isn't technical complexity (though there's plenty)—it's that most Git devs are put off by the massive effort for minimal tangible reward. Plus, SHA-256 has held up way better than anyone expected 20 years ago, so the urgency isn't quite there.
Large file handling is getting serious attention. Game devs have needed this forever, but now ML engineers are trying to version multi-gigabyte model files in Git, and it's... not great. Hugging Face resorted to git-xet, a plugin that uses content-defined chunking, but requiring a separate install is friction nobody wants.
The standard solution is content-defined chunking—breaking large files into smaller, reusable chunks. Git-xet does it, other VCS tools do it. If Git adopted it natively, that'd be genuinely useful for anyone working with large binaries.
The Collision Attack Nobody Talks About
Here's the fun part about SHA-1 collisions: in practice, sneaking malicious commits into history doesn't really work. Email workflows involve explicit patch review. Remote workflows have protected branches, CI checks, code review.
Except... that's not quite the threat model. The real risk is a Jia Tan-style attack: commit something benign that passes review, then later replace it downstream with malicious code using a collision—without breaking signatures. That's the nightmare scenario, and it's why "SHA-1 is fine for non-adversarial data" aged poorly.
The Monotone Arguments, Revisited
Git basically inherited its SHA-1 reasoning from Monotone, a 2000s-era VCS. Monotone's arguments were a weird mix of prescient and wrong:
- They were right to doubt some early SHA-1 FUD
- They underestimated SHA-1's actual weaknesses (MD4 and MD5 were already broken)
- They way underestimated migration costs
- But if they'd picked SHA-256 instead, they would've been completely fine
The slapstick moment: when someone committed the SHA-1 collision proof-of-concept to an SVN repo as a test case. Unlike Git, SVN hashes raw files, so the collision broke the repo's invariants. This would've also broken content-addressed filesystems using SHA-1 for deduplication. Not great!
What Actually Ships
Git's now building on a unified object database (ODB) interface, which means plugins like git-xet could potentially become native features. That's the kind of boring infrastructure work that enables everything else.
The SHA-256 migration continues at Git speed (read: glacial). Large file support is getting real engineering hours. And the community is still litigating Linus's 2005 take on hash functions.
Ngl, watching a 20-year-old VCS evolve is fascinating. Git's not going anywhere—it's too deeply embedded in every workflow—but making it better for the next decade of 100GB AI models and post-quantum paranoia? That's the actually hard part.
The Bottom Line
Git 2026 is about fixing problems from 2005 while planning for 2035. The SHA-1 migration is necessary but unglamorous. Large file support is overdue. And somewhere, Linus is probably still defending his hash function choice.
The roadmap exists. Now they just have to ship it. Slowly. Very slowly.