Best way to Upgrade? Download a new image or apt-get dist-upgrade?

Always except if a Whonix News says otherwise.

Both have pros and cons.

Keeping Tor entry guards when migrating to a new image is possible; it is a cumbersome process usability-wise. Good for Tor but more risky for security if Tor state files were previously compromised in ways they could re-compromise on a new image. Also, transferring files out of VMs is a security risk for the host. There’s no perfect answer. It depends on what risks one thinks are more likely.

Upgrading in-place is more comfortable.

New builds come with less legacy, so will always be of higher out-of-the-box quality and less likely to have bugs related to upgrading.

New builds might be slightly less of a target for sneaking in backdoors through hypothetical malicious upgrades.

See also:

Maybe a good compromise would be to get a new image when there is a release upgrade.

You didn’t ask for the following option, but I am mentioning it here for the sake of completeness and since it is related anyhow. The option which is better than both is upgrading from source code and/or creating Whonix images from source code. This is documented here:

I will migrate/move/moderate this question to its own forum thread later.