So after trying stuff, I don't know what I've done wrong before, but clean, this way is working

[#assign optionsHTML = ""]                    
[#list data as item]
   [#assign optionsHTML = optionsHTML + '<option value="' + item.value +'>'+ item.label + '</option>' /]
[/#list]



<select>
   [#noescape]
   ${optionsHTML}
   [/#noescape]
</select>

I faced same problem in string with special chars. In this example I have checknumber = "6547&6548" which caused problem before using this #escape

the best and simple way to handle this as following code

<#escape x as x?html>${deposit.checkNumber}</#escape>

Like ddekany said, write something like this:

<select>
  [#list data as item]
    <option value="${item.value}">${item.label}</option>
  [/#list]
</select>

Putting #noescape around #assign has no effect. Automatic escaping only applies to ${...}-s that are embedded directly into the static text (the HTML). So there's no escaping to disable inside that #assign.

?html is used to escape a string "manually". Like in your example you could write optionsHTML = optionsHTML + '<option value="${item.value?html}>${item.label?html}</option>', because you know that the value will be output non-auto-escaped later, and the ${...}-s inside the string literal aren't escaped automatically.

However, the best would be if you can organize your code so that things that generate HTML don't construct the HTML inside variables and then print the variable, but print the HTML directly into the output. That's what FTL is designed for.