diff --git a/src/db/git.v b/src/db/git.v
index 2fb2a92..c40086b 100644
--- a/src/db/git.v
+++ b/src/db/git.v
@@ -118,11 +118,9 @@ pub fn (db &VieterDb) delete_git_repo(repo_id int) {
 
 // update_git_repo updates any non-array values for a given GitRepo.
 pub fn (db &VieterDb) update_git_repo(repo_id int, params map[string]string) {
-	// sql db.conn {
-	//	update GitRepo set repo
-	//}
 	mut values := []string{}
 
+	// TODO does this allow for SQL injection?
 	$for field in GitRepo.fields {
 		if field.name in params {
 			// Any fields that are array types require their own update method
diff --git a/src/server/git.v b/src/server/git.v
index 6c852b8..c5cbc0a 100644
--- a/src/server/git.v
+++ b/src/server/git.v
@@ -60,7 +60,6 @@ fn (mut app App) delete_repo(id int) web.Result {
 		return app.json(http.Status.unauthorized, new_response('Unauthorized.'))
 	}
 
-	// repos.delete(id)
 	app.db.delete_git_repo(id)
 
 	return app.json(http.Status.ok, new_response('Repo removed successfully.'))