Overview

This PR replaces the reference to the BASIS_ACCESS_TOKEN. The token recently expired, and I figured it was a good time to update the name. Basis no longer really exists, and the purpose of the command is to download libraries that have been ripped out from Basis, among other new things like circe. Changing it to ANALYSIS_VENDOR_DOWNLOAD_TOKEN felt appropriate. I'm open to other suggestions.

After this PR merges I will delete the BASIS_ACCESS_TOKEN

Acceptance criteria

This build succeeds.

Testing plan

I validated that the updated token works by replacing the BASIS_ACCESS_TOKEN with the updated token and retrying another failed build.

Risks

The only risk is that the permissions could be different for this token than the BASIS_ACCESS_TOKEN was, but it only has read access, so it should be fine.

References

Failed builds

Checklist

• I added tests for this PR's change (or explained in the PR description why tests don't make sense).
• If this PR introduced a user-visible change, I added documentation into docs/.
• If this PR added docs, I added links as appropriate to the user manual's ToC in docs/README.ms and gave consideration to how discoverable or not my documentation is.
• If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an ## Unreleased section at the top.
• If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json AND I have updated example files used by fossa init command. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).
• If I made changes to a subcommand's options, I updated docs/references/subcommands/<subcommand>.md.