Add note that SHA-1 actually has been broken

Author: stuartpb

book/07-git-tools/sections/revision-selection.asc

@@ -84,6 +84,8 @@ Here's an example to give you an idea of what it would take to get a SHA-1 colli
 If all 6.5 billion humans on Earth were programming, and every second, each one was producing code that was the equivalent of the entire Linux kernel history (6.5 million Git objects) and pushing it into one enormous Git repository, it would take roughly 2 years until that repository contained enough objects to have a 50% probability of a single SHA-1 object collision.
 Thus, a SHA-1 collision is less likely than every member of your programming team being attacked and killed by wolves in unrelated incidents on the same night.
 
+That being said, with hundreds and thousands of dollars' worth of computing power dedicated to the task, https://shattered.io/[two files with the same SHA-1 hash were produced in 2017]. Git has code https://github.com/git/git/blob/master/sha1dc/sha1.c[specifically to protect against this scenario].
+
 ====
 
 [[_branch_references]]