From e769449256cad3b4b8e6c7c2a8ddf60ca6a5a899 Mon Sep 17 00:00:00 2001
From: Thrijith Thankachan <thrijith13@gmail.com>
Date: Wed, 30 May 2018 17:16:33 +0530
Subject: [PATCH 1/2] Add escaping for block title

---
 src/Scaffold_Command.php          | 5 +++--
 templates/block-index-js.mustache | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/Scaffold_Command.php b/src/Scaffold_Command.php
index 95326166b..8af3809ab 100644
--- a/src/Scaffold_Command.php
+++ b/src/Scaffold_Command.php
@@ -274,8 +274,9 @@ public function block( $args, $assoc_args ) {
 		);
 		$data     = $this->extract_args( $assoc_args, $defaults );
 
-		$data['slug']          = $slug;
-		$data['title_ucfirst'] = ucfirst( $data['title'] );
+		$data['slug']             = $slug;
+		$data['title_ucfirst']    = ucfirst( $data['title'] );
+		$data['title_ucfirst_js'] = esc_js( $data['title'] );
 
 		$dashicon = $this->extract_dashicon( $assoc_args );
 		if ( $dashicon ) {
diff --git a/templates/block-index-js.mustache b/templates/block-index-js.mustache
index 722763187..7df0f753c 100644
--- a/templates/block-index-js.mustache
+++ b/templates/block-index-js.mustache
@@ -24,7 +24,7 @@
 		 * This is the display title for your block, which can be translated with `i18n` functions.
 		 * The block inserter will show this name.
 		 */
-		title: __( '{{title_ucfirst}}' ),
+		title: __( '{{title_ucfirst_js}}' ),
 
 		{{#dashicon}}
 		/**

From 1e6def64c0f49b4a116c4121556cb2928cfc68d4 Mon Sep 17 00:00:00 2001
From: Thrijith Thankachan <thrijith13@gmail.com>
Date: Wed, 30 May 2018 19:17:29 +0530
Subject: [PATCH 2/2] Fix test failure due to block title

---
 src/Scaffold_Command.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Scaffold_Command.php b/src/Scaffold_Command.php
index 8af3809ab..83db147e6 100644
--- a/src/Scaffold_Command.php
+++ b/src/Scaffold_Command.php
@@ -276,7 +276,7 @@ public function block( $args, $assoc_args ) {
 
 		$data['slug']             = $slug;
 		$data['title_ucfirst']    = ucfirst( $data['title'] );
-		$data['title_ucfirst_js'] = esc_js( $data['title'] );
+		$data['title_ucfirst_js'] = esc_js( $data['title_ucfirst'] );
 
 		$dashicon = $this->extract_dashicon( $assoc_args );
 		if ( $dashicon ) {