Phoronix summary says:

But it is NOT true!

Statement from GitHub says:

Ergo: GitHub is not vulnerable, but malicious GitHub repos *can* be hosted there. The wording might not be clear if you're not familiar with Git smudge-filters functionality.

Update the client if you're working on Windows or macOS!

Otherwise, you can laugh at people using case-insensitive filesystems

I wish someone made a GUI for Git designed for non-techies, and made it dead easy to use, like even a retard could use it.

I like the idea behind Git, it is cool, but it is frigging confusing and using the command line is arcane.
I have no idea what head, headref, index, stash, pseudoref, ref, reflog, symref, etc means and I don't care.
I don't know how to amend or how to squash commits.
I don't know what a tag is, or why I would want to create a tag.

I just want to be able to edit files, save them with a commit message, and have a history. Like on Wikipedia, it is easy, you just click on Edit then make some changes, write a message and click on the Save button, then you can click on View history and pick two points in history that you want to compare and you get a diff.

So, am I safe if I go back to Git 2.14?

If you're cloning from a malicious repository anyway, it doesn't really make much difference.

You're about to run a make script, compile the code, and run it aren't you?

If you don't know or care about the features why do those matter? It's not like they're right there in the CLI for you to worry about. Plenty of GUIs keep it simple too. Basic usage is clone the repo, then wow look there's a the GIT history neat! You make a change and the GUI goes "You changed stuff, wanna add those to the history with some comment about the change?" then you "push" (save) it, voila you're a git wizard.

GitKraken is a nice GUI, it's not the lowest in memory usage for obvious reasons, but you're wanting to use a GUI for visual benefits and UX, then it probably meets those needs quite well. For newbies they have nice docs and video guides on youtube you can watch. It works on Windows, macOS and Linux, unlike some other GUI competitors.

I'm happy with it. I can use CLI but if I haven't done a particular operation in a while I forget what to type, if I'm going to copy/paste and maybe modify a command anyway, then I rather just use a GUI with visual memory which has better exploratory UX for figuring out how to do less common things too. With a few clicks you can skim through the branch history, change branches, compare diffs from branches or a range/selection of commits to another, peek at the full tree at any commit, view individual file history, switch to git blame view, various ways to view diffs, resolve conflicts, it's pretty sweet.

Not exactly for me, but I can see that being true for most.

I think MacOS wanted to convert to case sensitive with APFS however a lot of programs break if you don't have a case insensitive filesystem on MacOS (iirc photoshop was one of those)

I tried GitKraken some time ago. Their "you must register" and "will cost money soon" put me off, also their workflow did not click with me and the client was not powerful enough.

Personally I use SmartGit. Dead easy to use for every level of git competence and scales up to a nice git flow workflow I established at work (bought a couple of licenses for the team -- it's free for non-profit personal use). Native clients for Linux, Windows and Mac.

Many options, many ways of approach while still being very easy and intuitive to use and being a very informative and supportive program what it's doing, what went wrong and why, all without having an overwhelming UI. Then again, I'm an KDE user so YMMV. I strongly recommend it.

I'm a KDE user too, and I'm aware of SmartGit but for a GUI the screenshot just looked unappetizing. Perhaps it looks nicer on a modern DE and looks more native/integrated? Otherwise I much prefer the look and UX of GitKraken tbh.

I've used GitKraken since 2016? Never paid for it, only required for commercial and perhaps private repos on Github / Gitlab I think? I'd consider Sublime Merge as an alternative if I had to buy a license and for some reason the annual license subscription for GitKraken wasn't worth the Sublime fixed one off license cost(equivalent to few years of GitKraken iirc), but their docs look a bit sparse and dated.

As far as registration goes, I only have GitKraken "login" via my Github session, it opens a browser window every few months to renew the session, hasn't really been a problem.

Do you even need Git then? Sounds like you should be using Subversion.