SHA hashes?

[michaeladamkatz]

It would be nice if there were SHA hashes or something like that with each SDK, which were independently verified by users. As it is, my employer is not keen on me downloading a bunch of executable files from a github account named "phracker".

[thenickdude]

If you need assurance the SDKs are clean, you can download them straight from Apple's Developer Downloads instead (a Developer subscription is required), this project guides you through the process:

https://github.com/devernay/xcodelegacy

[michaeladamkatz]

Yes, thanks, I did end up downloading the older xcode versions from Apple. They just take a while to download...

[thenickdude]

You can actually download the Command Line Tool packages instead and unpack them with the "--expand-full output" command line argument. Buried the unpacked "output" directory you'll find a MacOS SDK directory that matches the ones in this repo.

Saves quite a bit of download size over Xcode itself

[michaeladamkatz]

Ah, thanks for the info. I'll try that next time.