I think it would be a fairly novel interpretation of "persons carrying on a business in common with a view to profit" required to catch out contributors to an open source project.
Outside of a project that takes contributions / donations without a legal entity to receive them and parcels those out amongst the contributors, I can't think of a reasonable situation that would enable such a definition.
Seems unlikely to me too but that's what I've read. If you ask a lawyer "what are the risks of doing X" they'll give you a list, and some will be more likely than others. It's up to the client to decide what level of risk they're happy with.
I managed to dig up the mailing list thread where I read about this risk: https://groups.google.com/g/linux.debian.vote/c/Nl-J8h2pO9A/... for context, Sam Hartman is a former Debian Project Leader and I assume his opinion is formed by advice from SPI's lawyers.
Outside of a project that takes contributions / donations without a legal entity to receive them and parcels those out amongst the contributors, I can't think of a reasonable situation that would enable such a definition.