Hi, I looked into this as well this evening and didn't really understand what they are doing. Did you ask the upstream authors why they didn't just depend on libgit2 as they did for libssh2, OpenSSL, ...? It's probably easier to understand the problem with their help. [If you don't want to do that I can do...]
Best, Philip
