Bump matrix-sdk from 0.7.1 to 0.12.0

[dependabot]

Bumps matrix-sdk from 0.7.1 to 0.12.0.

Release notes

Sourced from matrix-sdk's releases.

matrix-sdk 0.12.0

What's Changed

Security Fixes

• Check the sender of an event matches owner of session, preventing sender spoofing by homeserver owners. 13c1d20 (High, CVE-2025-48937, GHSA-x958-rvg6-956w).

Features

• Client::send_call_notification_if_needed now returns Result<bool> instead of Result<()> so we can check if the event was sent.
• Added SendMediaUploadRequest wrapper for SendRequest, which checks the size of the request to upload making sure it doesn't exceed the m.upload.size value that can be fetched through Client::load_or_fetch_max_upload_size.
• Add ClientBuilder::with_enable_share_history_on_invite to enable experimental support for sharing encrypted room history on invite, per MSC4268. (#5141)
• Room::list_threads() is a new method to list all the threads in a room. (#4972)
• Room::relations() is a new method to list all the events related to another event ("relations"), with additional filters for relation type or relation type + event type. (#4972)
• The EventCache's persistent storage has been enabled by default. This means that all the events received by sync or back-paginations will be stored, in memory or on disk, by default, as soon as EventCache::subscribe() has been called (which happens automatically if you're using the matrix_sdk_ui::Timeline). This offers offline access and super quick back-paginations (when the cache has been filled) whenever the event cache is enabled. It's also not possible to disable the persistent storage anymore. Note that by default, the event cache store uses an in-memory store, so the events will be lost when the process exits. To store the events on disk, you need to use the sqlite event cache store. (#4308)
• Room::set_unread_flag() now sets the stable m.marked_unread room account data, which was stabilized in Matrix 1.12. Room::is_marked_unread() also ignores the unstable com.famedly.marked_unread room account data if the stable variant is present. (#5034)
• Encryption::encrypt_and_send_raw_to_device: Introduced as an experimental method for sending custom encrypted to-device events. This feature is gated behind the experimental-send-custom-to-device flag, as it remains under active development and may undergo changes. (4998)
• Room::send_single_receipt() and Room::send_multiple_receipts() now also unset the unread flag of the room if an unthreaded read receipt is sent. (#5055)
• Client::is_user_ignored(&UserId) can be used to check if a user is currently ignored.
• (#5081)
• RoomSendQueue::send_gallery has been added to allow sending MSC4274-style media galleries via the send queue under the unstable-msc4274 feature. (#4977)

Bug fixes

• A invited DM room joined with Client::join_room_by_id() or Client::join_room_by_id_or_alias()

... (truncated)

Commits

• b41efb0 chore: Release matrix-sdk version 0.12.0
• 23db199 Merge branch 'release-0.11'
• 76d1f8b chore: Fix a PR link in the changelog file
• 550f4c5 Update crates/matrix-sdk-crypto/CHANGELOG.md
• b3f07f4 chore: Release matrix-sdk version 0.11.1
• 5698074 chore: Add a changelog entry for GHSA-x958-rvg6-956w
• 13c1d20 fix(crypto): Check the sender of an event matches owner of session
• 7f3e144 refactor (crypto): clarify some comments
• fe8bd2f refactor(crypto): Break get_or_update_verification_state in two
• 7cdfb0d chore(sqlite): revert the busy_timeout pragmas
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #166.