diff --git a/__tests__/config.test.ts b/__tests__/config.test.ts
index ccb188a..cdd8892 100644
--- a/__tests__/config.test.ts
+++ b/__tests__/config.test.ts
@@ -3,7 +3,8 @@ import {expect, test, jest, beforeEach} from '@jest/globals'
 import {readConfig} from '../src/config'
 
 beforeEach(() => {
-  /* reset to our defaults after every test run */
+  // reset to our defaults after every test run
+  // TODO find out what the proper way of passing action inputs in tests is
   delete process.env['INPUT_FAIL-ON-SEVERITY']
   delete process.env['INPUT_ALLOWED-LICENSES']
   delete process.env['INPUT_DENY-LICENSES']
@@ -36,4 +37,13 @@ test('it raises an error if both an allow and denylist are specified', async ()
   expect(() => readConfig()).toThrow()
 })
 
-test('it raises an error when given an unknown severity', async () => {})
+test('it raises an error when given an unknown severity', async () => {
+  process.env['INPUT_FAIL-ON-SEVERITY'] = 'zombies!'
+  expect(() => readConfig()).toThrow()
+})
+
+test('it works on uppercase severities', async () => {
+  process.env['INPUT_FAIL-ON-SEVERITY'] = 'CRITICAL'
+  const options = readConfig()
+  expect(options.fail_on_severity).toEqual('critical')
+})
diff --git a/src/config.ts b/src/config.ts
index a3eedce..e6ea0f2 100644
--- a/src/config.ts
+++ b/src/config.ts
@@ -13,7 +13,7 @@ export function readConfig(): ConfigurationOptions {
   const allowedLicenses = core.getInput('allowed-licenses')
   const denyLicenses = core.getInput('deny-licenses')
 
-  options.fail_on_severity = severity as Severity
+  options.fail_on_severity = severity.toLowerCase() as Severity
 
   if (allowedLicenses.length > 0) {
     options.allow_licenses = allowedLicenses.split(',').map(s => s.trim())