[Snyk] Security upgrade matrix-js-sdk from 0.7.13 to 19.7.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • pkgs/applications/networking/instant-messengers/matrix-recorder/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	716/1000 Why? Recently disclosed, Has a fix available, CVSS 8.6	Key Exchange without Entity Authentication SNYK-JS-MATRIXJSSDK-3035643	Yes	No Known Exploit
	716/1000 Why? Recently disclosed, Has a fix available, CVSS 8.6	Authentication Bypass SNYK-JS-MATRIXJSSDK-3035652	Yes	No Known Exploit
	581/1000 Why? Recently disclosed, Has a fix available, CVSS 5.9	Key Exchange without Entity Authentication SNYK-JS-MATRIXJSSDK-3035765	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: matrix-js-sdk

The new version differs by 250 commits.

• 2d067ad v19.7.0
• 418aa3f Prepare changelog for v19.7.0
• a587d7c Resolve multiple CVEs
• b64a30f v19.6.0
• 5451f61 Prepare changelog for v19.6.0
• f34e568 v19.6.0-rc.1
• 6fd80ed Prepare changelog for v19.6.0-rc.1
• 9ff11d1 test typescriptification - last few unit test files (fix -G delimiter in call to useradd NixOS/nixpkgs#2675)
• 41ab333 test typescriptification - spec/unit/crypto/verification (fix mkpasswd: use the git repository NixOS/nixpkgs#2673)
• 1432e09 Update sonarcloud.yml
• e09936c Update sonarcloud.yml (Recode: Build on OS X NixOS/nixpkgs#2671)
• d32d190 Change return type to avoid null strict error (add and use fetchpatch NixOS/nixpkgs#2630)
• 53de8d5 Fix reset_dependency for if the dep is indirect (Adding partID and a partition recognition process NixOS/nixpkgs#2664)
• 829110b Update release-npm.yml (Creating assets and a toolchain for building the NixOS wiki via the github repo NixOS/nixpkgs#2665)
• 59c82cb Resetting package fields for development
• 6d3741d Merge branch 'master' into develop
• 43213fe v19.5.0
• c8438ff Prepare changelog for v19.5.0
• a1d0f03 Fix release.sh check_dependency
• fb565f3 Remove support for unstable private read receipts (uzbl: Add gsettings_desktop_schemas as build input. Closes #2332 NixOS/nixpkgs#2624)
• afa3b37 Revert "Add login flow types from matrix-react-sdk (Permission denied: /tmp/env-vars when using nix-shell NixOS/nixpkgs#2633)" (pandoc: Update to 1.12.4.2 NixOS/nixpkgs#2661)
• a57c430 Implementation of MSC3824 to add action= param on SSO login (rust: update to 0.10 release NixOS/nixpkgs#2398)
• 583e480 Add login flow types from matrix-react-sdk (Permission denied: /tmp/env-vars when using nix-shell NixOS/nixpkgs#2633)
• b22c671 Add a property aggregating all names of a NamespacedValue (haskell-glfw-b: add package version 1.4.6 NixOS/nixpkgs#2656)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.