Use a correct COMMIT_ID detection regex for prohibited branches
What does this MR do and why?
Contributes to #442441
Problem
\h{40}
regular expression cannot detect SHA256 commits.
Solution
Use Gitlab::Git::COMMIT_ID
regex that can handle both SHA1 and SHA256
commits.