community/perl-app-cpanminus: add depends on wget, and upgrade to 1.7045 (which addresses CVE-2020-16154)

rubicon requested to merge rubicon/aports:rubicon-master-patch-99690 into master

cpanm tries LWP, Wget, cURL and HTTP::Tiny (in that order) and uses the first one available.

Our cpanminus package does not depend on perl-libwww (for LWP), GNU wget, or curl. Instead cpanm finds Busybox wget, which it cannot use, as it doesn't support the "--retry-connrefused" option that cpanm requires.

HTTP::Tiny comes bundled with the Perl package, but as it is ordered last, cpanminus won't try it if /usr/bin/wget exists.

To fix this, perl-app-cpanminus would need to depend on either perl-libwww or GNU wget.

Unfortunately, I don't think perl-libwww is the better option, because for HTTPS support, it'll further require perl-lwp-protocol-https.

HTTPS is made more important in light of CVE-2020-16154, as the decision in upstream seems to be to remove signature verification altogether, and rely on HTTPS to guarantee CPAN package integrity, see: https://github.com/miyagawa/cpanminus/issues/639#issuecomment-1007664249.

To make it short, I think perl-app-cpanminus needs to depend on GNU wget for it to work properly.

Here's the relevant section of the cpanm manpage for reference:

--lwp
   Uses LWP module to download stuff over
   HTTP. Defaults to true, and you can say
   "--no-lwp" to disable using LWP, when you
   want to upgrade LWP from CPAN on some
   broken perl systems.

--wget
   Uses GNU Wget (if available) to download
   stuff. Defaults to true, and you can say
   "--no-wget" to disable using Wget
   (versions of Wget older than 1.9 don't
   support the "--retry-connrefused" option
   used by cpanm).

--curl
   Uses cURL (if available) to download
   stuff. Defaults to true, and you can say
   "--no-curl" to disable using cURL.

   Normally with "--lwp", "--wget" and
   "--curl" options set to true (which is the
   default) cpanm tries LWP, Wget, cURL and
   HTTP::Tiny (in that order) and uses the
   first one available.
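To see which backend cpanm would settle on for a given Alpine image, here is an added shell example (not code from the merge request or from cpanminus) that emulates the selection order described above; `wget_usable_for_cpanm`, `pick_downloader` and `probe_system` are names of my own, and the help-text samples are constructed, not real program output.

```shell
#!/bin/sh
# Added example, not from the merge request or from cpanminus itself: emulate
# the downloader choice the MR describes (LWP, then wget, then curl, then
# HTTP::Tiny) to show why an image with only Busybox wget ends up broken.

# cpanm needs wget's --retry-connrefused option (GNU Wget 1.9+); Busybox wget
# does not implement it. Judge a wget binary by whether its --help text lists it.
# $1: the text of `wget --help`
wget_usable_for_cpanm() {
    printf '%s\n' "$1" | grep -q -- '--retry-connrefused'
}

# Arguments describe the system so the logic can run offline:
#   $1 LWP installed (1/0)   $2 wget on PATH (1/0)
#   $3 wget --help text      $4 curl on PATH (1/0)
# Per the MR, cpanm stops at the first backend it finds: a wget that exists but
# lacks --retry-connrefused is still selected, so curl/HTTP::Tiny are never tried.
pick_downloader() {
    if [ "$1" = 1 ]; then echo "LWP"; return 0; fi
    if [ "$2" = 1 ]; then
        if wget_usable_for_cpanm "$3"; then echo "wget"; else echo "wget-unusable"; fi
        return 0
    fi
    if [ "$4" = 1 ]; then echo "curl"; return 0; fi
    echo "HTTP::Tiny"
}

# Probe the machine this script runs on (assumption: wget prints its usage on
# --help; Busybox wget writes it to stderr and exits non-zero, hence 2>&1 || true).
probe_system() {
    lwp=0; wg=0; cu=0; help=""
    if perl -MLWP::UserAgent -e 1 2>/dev/null; then lwp=1; fi
    if command -v wget >/dev/null 2>&1; then wg=1; help=$(wget --help 2>&1 || true); fi
    if command -v curl >/dev/null 2>&1; then cu=1; fi
    pick_downloader "$lwp" "$wg" "$help" "$cu"
}

# Constructed, abridged help-text samples for the two wget flavours.
GNU_WGET_HELP='  --retry-connrefused             retry even if connection is refused'
BUSYBOX_WGET_HELP='Usage: wget [-cqS] [--spider] [-O FILE] [-o LOGFILE] [--header STR] URL'

echo "GNU wget only:       $(pick_downloader 0 1 "$GNU_WGET_HELP" 0)"      # wget
echo "Busybox wget + curl: $(pick_downloader 0 1 "$BUSYBOX_WGET_HELP" 1)"  # wget-unusable
echo "nothing but perl:    $(pick_downloader 0 0 "" 0)"                    # HTTP::Tiny
```

Run `probe_system` on a stock Alpine image to confirm the "wget-unusable" outcome, and again after installing the wget package to see it switch to "wget".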