If you don't have an advanced understanding of the Bitcoin protocol you should not attempt implementing any part of it, specially security critical parts like address generation. Not to mention that using it in browser and using Javascript is already a terrible idea.
Case in point:
From this x-only form coordinate point:
X= 60376045308133502588319041039213905409191423390227563583774073057371619898448 (decimal)
X= 857BA1721C71D8F80F9C208B513BEEAC46816A4123FB7DB11A3CF6833D58B450 (hexadecimal)
What is the next step to get this final taproot address:
BC1PY5VKU7TV8A39WPE6LQF3P6W5JMC3CMHTWCQ3WHYTW59MCH7542JSFYEMK9
Creating Taproot addresses is slightly different from other addresses. It is not a simple matter of pubkey to address since a Taproot address can be both a "pay to key" and a "pay to script" at the same time (imagine a combination of both P2PKH and P2SH but with only one address format). So there are also two ways of creating the address.
One is the simple and quick way of "pay to key" where the address encodes the pubkey you have:
bc1ps4a6zusuw8v0sruuyz94zwlw43rgz6jpy0ahmvg68nmgx02ck3gq7xmyug
The other is creating a "dummy" script with the single key to use that for spending. This requires computing the tweak hash
t = SHA256(SHA256("TapTweak") || SHA256("TapTweak") || pub_bytes)
and tweak key
pub_tweak = pub + (t * G).
and computing the address using the tweaked pubkey
bc1py5vku7tv8a39wpe6lqf3p6w5jmc3cmhtwcq3whytw59mch7542jsfyemk9
This means depending on how you created the address, the way you spend the coins sent to the address is going to be different.
In this example I gave you Y was odd and it worked to generate the Taproot address ?!