Android apps increasingly rely on third-party native C/C++ libraries to deal with low-latency performance and mature functionality, making them a central driver of capability across production deployments. However, opaque binary distribution outside mature package managers impedes discovery, auditing, version tracking, and lifecycle management, allowing technical lag in outdated dependencies to persist and degrade security, compatibility, and reliability. Existing works have investigated the technical lags of third-party libraries in different package manager ecosystems, while Android native libraries are rarely studied due to the lack a comprehensive native library indexing to boost software composition analysis (SCA) tools.

To this end, by following a greedy and aggressive strategy to identify possible repository sources and collect Android native libraries, we constructed the first comprehensive native library dataset AndroidNL for Android, with over 60K libraries and 292K versions well retained. Our experiments proved its completeness that 85.1% of binaries in real-world APPs can be successfully traced in AndroidNL, with 10.1% of the rest suspicious to be not third-party native libraries. Moreover, AndroidNL is also validated to be useful regarding improving native library detection for Android, the experiments show that the state-of-the-art (SOTA) software composition analysis (SCA) tools (i.e., LibRARIAN) can be improved by at least 78.4% on accuracy. Our follow-up studies also highlighted the prevalence and actionable strategy for technical lags on Android native libraries, which could further shed the light on better solutions for the community.