An open source notice file is a compliance artifact that provides users with copyright and license information for open source components included in supplied software. Writing notice files manually is error-prone and time-consuming. onot automates this process.
SK Telecom developed onot internally and released it as open source under the name onot. Kakao also contributed major features through collaborative development.
Features
onot takes an SBOM in SPDX format as input and automatically converts it into an open source notice file. It is Python-based, lightweight, and easy to use.
- SBOM-based automation — Uses SPDX SBOMs generated by tools such as cdxgen or Syft directly as input
- Standard output — Generates notice files containing per-license copyright and license texts
- Python CLI — Runs as a simple command-line tool with no server setup required
- Open source — Free to use, modify, and distribute
Installation
Install via pip:
pip install onot
For more details, see the official repository: https://github.com/sktelecom/onot
Basic Usage
Prepare an SBOM in SPDX format, then run:
onot -f sbom.spdx
onot analyzes the SBOM and outputs an open source notice file. The generated notice can be bundled with the distributed software package or published on an open source website to fulfill license obligations.
For detailed usage, refer to the README in the official repository: https://github.com/sktelecom/onot