diff --git a/.gitattributes b/.gitattributes
index 5b41632..a3983fb 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -4,5 +4,6 @@
 .gitignore export-ignore
 .php_cs export-ignore
 Makefile export-ignore
+composer-require-checker.json export-ignore
 phpstan.neon export-ignore
 phpunit.xml export-ignore
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..f3203de
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+version: 2
+
+updates:
+  - package-ecosystem: "composer"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    commit-message:
+      include: "scope"
+      prefix: "composer"
+    labels:
+      - "dependency-update"
+    versioning-strategy: "widen"
diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index b6fb844..6052ada 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
@@ -5,6 +5,8 @@ on:
   push:
     branches:
       - "master"
+  schedule:
+    - cron: '0 3 1-7 * 1'
 
 jobs:
   composer-json-lint:
@@ -26,7 +28,7 @@ jobs:
         with:
           coverage: "none"
           php-version: "${{ matrix.php-version }}"
-          tools: composer-normalize
+          tools: composer-normalize, composer-require-checker, composer-unused
 
       - name: "Get composer cache directory"
         id: composercache
@@ -48,6 +50,12 @@ jobs:
       - name: "Normalize composer.json"
         run: "composer-normalize --dry-run"
 
+      - name: "Check composer.json explicit dependencies"
+        run: "composer-require-checker check --config-file=$(realpath composer-require-checker.json)"
+
+      - name: "Check composer.json unused dependencies"
+        run: "composer-unused"
+
   tests:
     name: "Tests"
 
@@ -66,10 +74,9 @@ jobs:
       - name: "Install PHP"
         uses: "shivammathur/setup-php@v2"
         with:
-          coverage: "pcov"
+          coverage: "none"
           php-version: "${{ matrix.php-version }}"
           ini-values: zend.assertions=1
-          tools: composer:v1
 
       - name: "Get composer cache directory"
         id: composercache
@@ -131,7 +138,7 @@ jobs:
 
       - name: "Run tests"
         timeout-minutes: 3
-        run: "vendor/bin/phpunit --coverage-clover=coverage.xml --coverage-xml=coverage/coverage-xml --log-junit=coverage/junit.xml"
+        run: "vendor/bin/phpunit --coverage-clover=coverage.xml"
 
       - name: "Send code coverage report to Codecov.io"
         uses: codecov/codecov-action@v1
diff --git a/composer-require-checker.json b/composer-require-checker.json
new file mode 100644
index 0000000..1db74f3
--- /dev/null
+++ b/composer-require-checker.json
@@ -0,0 +1,11 @@
+{
+  "symbol-whitelist" : [
+    "null", "true", "false",
+    "static", "self", "parent",
+    "array", "string", "int", "float", "bool", "iterable", "callable", "void", "object",
+    "Doctrine\\Common\\Util\\Debug",
+    "PHPUnit\\Framework\\Test",
+    "posix_isatty",
+    "ROOT_PATH"
+  ]
+}