Use of hashfunction sha1

In the epics on the gitlab page of Jami there is one about to remove sha1.
For which purpose is sha1 used in Jami - and because it is totally deprecated: Then will it be replaced with something modern (sha256, or sha3, for example)?
That kind of attacks against Jami are realistic if collisions for sha1 could be calculated? Could my identity be stolen, for example?

The ids in Jami seems likely to be sha1 values because they have 160 bits.

@ringring I was curious about this too. Here are some interesting links:

The Ids are SHA-1 hashes of the public key. It appears that there are known (costly) collision attacks on SHA-1, but not preimage attacks, which would allow you to potentially impersonate someone. If a preimage attack was discovered, it would still be costly to generate a working keypair ( since the SHA-1 is a hash of the public key, not the private key).

So for now it seems ok, but it’s probably good that there is interest in moving to a new hash eventually.

It still should have been done by default IMHO.