ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
We need to get a good handle on what these are and how they relate to the other formats to decide aht to do with each for the analysis. Some formats may contains the same thing but with different optimizations applied. Or in some cases we may not have multiple variants.
Android has many unique formats such as:
We need to get a good handle on what these are and how they relate to the other formats to decide aht to do with each for the analysis. Some formats may contains the same thing but with different optimizations applied. Or in some cases we may not have multiple variants.
BANG and lief may help here for sure.