
I think your being so quick to judge anything using JavaScript as inherently bad is silly, but this link just made me realize that using sudo with systemd as I had been seems to be incorrect, so thanks for the link.


Let's say you write some authorisation code using JavaScript. If it contains a syntax error or a logic error, your authentication is broken for your entire system. Checking the correctness of a program is usually non-trivial, but I accept some things CAN be checked (e.g. syntax). However, JavaScript, naturally, is a procedural language and hence the bulk of your problems would be in your logic.

In contrast, /etc/sudoers{.d} config is syntactically validated using a strict grammar so that it can be validated for correctness before being loaded and used (hence visudo). It's primarily a declarative language too which means that logic bugs aren't really possible. This means that there is a robust mechanism to detect syntax issues (and some semantic issues) before breaking your system.


What if the program reading /etc/sudoers{.d} has a bug and crashes?


Exactly, like the link says, at least it runs without permissions and is sandboxed.


Then... sudo has a bug and should be fixed?


But the same can be said about your "authorisation code using JavaScript".


Yes, but one is written by a developer, and one is written by a user. That's a pretty big difference, IMHO.



