Agree, snippet is conflating a lot of things.

JWT is a signed JSON blob.

Cookie is a storage and transport specification.

Local storage is a storage spec.

A "regular" cookie could also be a signed cookie which is basically the same thing as JWT.

Slight disagree in horizontal scalability--server sessions scale somewhat with Redis, replicated DB but obviously not to the degree stateless ones do.

Also on revocability, you don't need to revoke the token if you're validating fine grain permissions outside the token. You can revoke the permissions (ie disable the user). You can use JWT to gate permissions at a high level (infrastructure, traffic edge, API gateway) then validate fine grained permissions in code