
The SHA-1 attack is only a collision attack. It's not a pre-image attack. So if you clone a git repo and want to sneakily replace an existing object, you will not be able to do this because one of the inputs has already been fixed.

In order to perform that kind of attack, there would need to be a second pre-image attack, which does not exist right now.

Even MD5 still has second pre-image resistance with a search space only slightly below the entire output space.[1]

1. http://crypto.stackexchange.com/questions/13303/is-md5-secon...
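
Added example, not part of the original comment: a toy measurement of the gap described above between a collision search (both inputs free) and a second pre-image search (one input already fixed). SHA-1 is truncated to 16 bits, an assumption made so both searches finish quickly; the function names and sample messages are constructed for illustration.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size (assumption); real SHA-1 output is 160 bits


def toy_hash(data: bytes, bits: int = BITS) -> int:
    """Return the top `bits` bits of SHA-1(data) as an integer."""
    digest = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits: int = BITS):
    """Both inputs are free: birthday search, about 2**(bits/2) tries."""
    seen = {}
    for tries in count(1):
        msg = b"free-%d" % tries          # constructed candidate message
        h = toy_hash(msg, bits)
        if h in seen:                     # any earlier message may match
            return seen[h], msg, tries
        seen[h] = msg


def find_second_preimage(target: bytes, bits: int = BITS,
                         max_tries: int = 1 << 24):
    """One input is fixed: must hit its exact digest, about 2**bits tries."""
    want = toy_hash(target, bits)
    for tries in range(1, max_tries + 1):
        msg = b"forged-%d" % tries        # constructed candidate message
        if msg != target and toy_hash(msg, bits) == want:
            return msg, tries
    raise RuntimeError("no second pre-image within max_tries")


if __name__ == "__main__":
    a, b, n_coll = find_collision()
    print(f"collision after {n_coll} tries: {a!r} / {b!r}")

    fixed = b"object already in the cloned repo"   # constructed sample
    forged, n_sp = find_second_preimage(fixed)
    print(f"second pre-image after {n_sp} tries: {forged!r}")
    print(f"expected order of magnitude: 2**{BITS // 2} vs 2**{BITS}")
```

Each extra digest bit doubles the second pre-image cost but multiplies the collision cost only by about 1.41, which is why a practical collision on the full 160-bit hash does not imply the ability to replace an existing object.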



So add a new object to the git repo (open source projects usually allow contributions) for which you already have a malicious SHA1-colliding object in your pocket. If your change is widely distributed, you now have a hash in the wild that matches your malicious data.


Right, assuming it goes through no revisions for code review and doesn't get rebased, that could potentially work. You would need to figure out where to have some random data in the commit that you're altering to search for the collision. Maybe some "test data" or something and hope nobody asks you to remove it.



