Deprecate or move `commonprefix()` function from `os.path`

[sethmlarson]

Bug report

Bug description:

The os.path.commonprefix() function does not operate on path segments, instead operating char-by-char, which is a surprising behavior because all other functions in the os.path module operate on path segments. We document this behavior difference and recommend the use of commonpath(), but not as a security issue or warning. This was identified back when commonpath() was added to os.path, but the function was not deprecated or removed then. From a brief search of GitHub, commonprefix() is used two times as often as commonpath().

My recommendations:

• Deprecate commonprefix() in the os.path module.
• Strongly discourage the use of os.path.commonprefix() in the documentation of all versions, mentioning the security impact.
• (Optional) Move the commonprefix() function to the string module to make it clear this function is acting on strings, not paths. Users that are relying on the char-by-char behavior can then import like so to support multiple Python versions:

try:
    from string import commonprefix
except ImportError:
    from os.path import commonprefix

CPython versions tested on:

CPython main branch

Operating systems tested on:

No response

[StanFromIreland]

Duplicate of #74453.